sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify

Browse Source 
Add more NULL pointer checks before using them in DhGenerateKey and
Pkcs7GetCertificatesList functions to eliminate possible dereferenced
pointer issue.

Cc: Ting Ye <ting.ye@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ting Ye <ting.ye@intel.com>
(cherry picked from commit a9fb7b7803)
This commit is contained in:
Long Qin
2017-05-19 15:22:10 +08:00
parent 3ecfa5668f
commit 454d99de04
2 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
View File

@ -232,7 +232,9 @@ DhGenerateKey (
return FALSE;
}
if (PublicKey != NULL) {
BN_bn2bin (DhPubKey, PublicKey);
}
*PublicKeySize = Size;
}

4
CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
View File

@ -558,7 +558,9 @@ Pkcs7GetCertificatesList (
}
}
CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx);
if (CtxUntrusted != NULL) {
(VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
}
//
// Build certificates stack chained from Signer's certificate.
@ -711,8 +713,10 @@ _Error:
}
sk_X509_free (Signers);
if (CertCtx != NULL) {
X509_STORE_CTX_cleanup (CertCtx);
X509_STORE_CTX_free (CertCtx);
}
if (SingleCert != NULL) {
free (SingleCert);