On 07.05.20 02:17, Patrick Wildt wrote:
Since pkcs7_parse_message() returns an error pointer, we must not check for NULL. We have to explicitly set msg to NULL in the error case, otherwise the call to pkcs7_free_message() on the goto err path will assume it's a valid object.
Signed-off-by: Patrick Wildt patrick@blueri.se
diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c index 5a9a6424cc..43a53d3dd1 100644 --- a/lib/efi_loader/efi_image_loader.c +++ b/lib/efi_loader/efi_image_loader.c @@ -538,8 +538,9 @@ static bool efi_image_authenticate(void *efi, size_t efi_size) } msg = pkcs7_parse_message((void *)wincert + sizeof(*wincert), wincert->dwLength - sizeof(*wincert));
if (!msg) {
if (IS_ERR(msg)) {
Compiling with sandbox_defconfig results in:
lib/efi_loader/efi_image_loader.c: In function ‘efi_image_authenticate’: lib/efi_loader/efi_image_loader.c:541:7: warning: implicit declaration of function ‘IS_ERR’ [-Wimplicit-function-declaration] 541 | if (IS_ERR(msg)) { | ^~~~~~
I will add the missing #include <linux/err.h> when merging.
Reviewed-by: Heinrich Schuchardt xypron.glpk@gmx.de
debug("Parsing image's signature failed\n");
msg = NULL; goto err;