In file SecurityPkg/Library/HashLibBaseCryptoRouter/

HashLibBaseCryptoRouterPei.c, the function

CheckSupportedHashMaskMismatch calls InternalGetHashInterfaceHob and

stores return value in HashInterfaceHobLast. Thereafter, it does

 

  ASSERT (HashInterfaceHobLast != NULL);

 

but this comes into play only in DEBUG mode. In Release mode, the

code continues to proceed to dereferencing "HashInterfaceHobLast"

which will lead to CRASH if HashInterfaceHobLast is NULL.

 

Hence, for safety add HashInterfaceHobLast NULL pointer check before

accessing further field values.

 

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=4225

Signed-off-by: Ranbir Singh <Ranbir.Singh3@Dell.com>

---

 .../HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c       | 3 ++-

 1 file changed, 2 insertions(+), 1 deletion(-)

 

diff --git a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c

index eeb424b6c3..0c8315ed03 100644

--- a/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c

+++ b/SecurityPkg/Library/HashLibBaseCryptoRouter/HashLibBaseCryptoRouterPei.c

@@ -108,7 +108,8 @@ CheckSupportedHashMaskMismatch (

   HashInterfaceHobLast = InternalGetHashInterfaceHob (&gZeroGuid);

   ASSERT (HashInterfaceHobLast != NULL);

 

-  if ((HashInterfaceHobLast->SupportedHashMask != 0) &&

+  if ((HashInterfaceHobLast != NULL) &&

+      (HashInterfaceHobLast->SupportedHashMask != 0) &&

       (HashInterfaceHobCurrent->SupportedHashMask != HashInterfaceHobLast->SupportedHashMask))

   {

     DEBUG ((

--

2.36.1.windows.1