Fix invalid access of NewRecoveryChallenge when memory allocation fai…

…ls (#168) ## Description If memory allocation for the NewChallenge variable should not be used. It will result in Invalid access at the following line. NewChallenge->SerialNumber = 0; With this change if memory allocation for the NewChallenge variable fails, EFI_OUT_OF_RESOURCES is returned - [ ] Impacts functionality? No - [ ] Impacts security? No - [ ] Breaking change? No - [ ] Includes tests? No - [ ] Includes documentation? No ## How This Was Tested Build passes with this change ## Integration Instructions N/A
microsoft · Dec 6, 2023 · 8978086 · 8978086
1 parent 7534399
commit 8978086
Showing 1 changed file with 9 additions and 6 deletions.
diff --git a/DfciPkg/Library/DfciRecoveryLib/DfciRecoveryLib.c b/DfciPkg/Library/DfciRecoveryLib/DfciRecoveryLib.c
@@ -66,19 +66,22 @@ GetRecoveryChallenge (
   //
   // Locate the RNG Protocol. This will be needed for the nonce.
   Status = gBS->LocateProtocol (&gEfiRngProtocolGuid, NULL, (VOID **)&RngProtocol);
-  DEBUG ((DEBUG_VERBOSE, "%a: LocateProtocol(RNG) = %r\n", __FUNCTION__, Status));
+  if (EFI_ERROR (Status)) {
+    DEBUG ((DEBUG_ERROR, "%a: LocateProtocol(RNG) = %r\n", __FUNCTION__, Status));
+    return EFI_NOT_FOUND;
+  }
 
   //
   // From now on, don't proceed on errors.
   //
 
   //
   // Allocate the buffer...
-  if (!EFI_ERROR (Status)) {
-    NewChallenge = AllocatePool (sizeof (DFCI_RECOVERY_CHALLENGE) + DFCI_MULTI_STRING_MAX_SIZE);
-    if (NewChallenge == NULL) {
-      Status = EFI_OUT_OF_RESOURCES;
-    }
+  NewChallenge = AllocatePool (sizeof (DFCI_RECOVERY_CHALLENGE) + DFCI_MULTI_STRING_MAX_SIZE);
+
+  // Exit if we ran out of resources
+  if (NewChallenge == NULL) {
+    return EFI_OUT_OF_RESOURCES;
   }
 
   //