From 2aabd14630762198fe36856d4cdb65abac29b14e Mon Sep 17 00:00:00 2001
From: Qin Long <qin.long@intel.com>
Date: Tue, 30 Jun 2015 03:27:23 +0000
Subject: [PATCH] CryptoPkg: Fix the dereferenced pointer issue

This patch is to fix one dereferenced pointer issue in new
Pkcs7GetAttachedContent API, and add the memory allocation
failure check.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>

git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17731 6f19259b-4bc3-4df7-8a09-765794883524
---
 .../Library/BaseCryptLib/Pk/CryptPkcs7Verify.c     | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index b8cfa4286d..d0b0c838b8 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -719,11 +719,6 @@ Pkcs7GetAttachedContent (
   CONST UINT8        *Temp;
   ASN1_OCTET_STRING  *OctStr;
 
-  *Content   = NULL;
-  Pkcs7      = NULL;
-  SignedData = NULL;
-  OctStr     = NULL;
-
   //
   // Check input parameter.
   //
@@ -731,6 +726,11 @@ Pkcs7GetAttachedContent (
     return FALSE;
   }
 
+  *Content   = NULL;
+  Pkcs7      = NULL;
+  SignedData = NULL;
+  OctStr     = NULL;
+
   Status = WrapPkcs7Data (P7Data, P7Length, &Wrapped, &SignedData, &SignedDataSize);
   if (!Status || (SignedDataSize > INT_MAX)) {
     goto _Exit;
@@ -771,6 +771,10 @@ Pkcs7GetAttachedContent (
     if ((OctStr->length > 0) && (OctStr->data != NULL)) {
       *ContentSize = OctStr->length;
       *Content     = malloc (*ContentSize);
+      if (*Content == NULL) {
+        *ContentSize = 0;
+        goto _Exit;
+      }
       CopyMem (*Content, OctStr->data, *ContentSize);
     }
   }
-- 
2.39.2