From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <qin.long@intel.com>
Received: from mga06.intel.com (mga06.intel.com [134.134.136.31])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id CB38B21A16EEF
 for <edk2-devel@lists.01.org>; Fri, 19 May 2017 00:27:09 -0700 (PDT)
Received: from fmsmga003.fm.intel.com ([10.253.24.29])
 by orsmga104.jf.intel.com with ESMTP; 19 May 2017 00:27:09 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.38,363,1491289200"; d="scan'208";a="858956936"
Received: from shwde6388.ccr.corp.intel.com ([10.239.9.17])
 by FMSMGA003.fm.intel.com with ESMTP; 19 May 2017 00:27:08 -0700
From: Long Qin <qin.long@intel.com>
To: ting.ye@intel.com,
	hao.a.wu@intel.com,
	edk2-devel@lists.01.org
Cc: Qin Long <qin.long@intel.com>
Date: Fri, 19 May 2017 15:26:38 +0800
Message-Id: <20170519072638.10232-1-qin.long@intel.com>
X-Mailer: git-send-email 2.12.2.windows.2
Subject: [PATCH] CryptoPkg/BaseCryptLib: Add NULL pointer checks in DH and P7Verify
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 19 May 2017 07:27:09 -0000

Add more NULL pointer checks before using them in DhGenerateKey and
Pkcs7GetCertificatesList functions to eliminate possible dereferenced
pointer issue.

Cc: Ting Ye <ting.ye@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qin Long <qin.long@intel.com>
---
 CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c          |  4 +++-
 CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c | 10 +++++++---
 2 files changed, 10 insertions(+), 4 deletions(-)

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
index f44684f907..391efd5c14 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptDh.c
@@ -232,7 +232,9 @@ DhGenerateKey (
       return FALSE;
     }
 
-    BN_bn2bin (DhPubKey, PublicKey);
+    if (PublicKey != NULL) {
+      BN_bn2bin (DhPubKey, PublicKey);
+    }
     *PublicKeySize = Size;
   }
 
diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
index 45d5df5e11..d564591cb7 100644
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptPkcs7Verify.c
@@ -558,7 +558,9 @@ Pkcs7GetCertificatesList (
     }
   }
   CtxUntrusted = X509_STORE_CTX_get0_untrusted (CertCtx);
-  (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
+  if (CtxUntrusted != NULL) {
+    (VOID)sk_X509_delete_ptr (CtxUntrusted, Signer);
+  }
 
   //
   // Build certificates stack chained from Signer's certificate.
@@ -711,8 +713,10 @@ _Error:
   }
   sk_X509_free (Signers);
 
-  X509_STORE_CTX_cleanup (CertCtx);
-  X509_STORE_CTX_free (CertCtx);
+  if (CertCtx != NULL) {
+    X509_STORE_CTX_cleanup (CertCtx);
+    X509_STORE_CTX_free (CertCtx);
+  }
 
   if (SingleCert != NULL) {
     free (SingleCert);
-- 
2.12.2.windows.2