The code foresees that parameters descriptor_size and descriptor_count
might be NULL and then dereferences them without further check.
The size check must take into account the descriptor count.
ImageInfo might be NULL. In this case we must not dereference it.
Fixes: 4ac6041c3cbf ("efi: ESRT creation tests")
Addresses-Coverity-ID: CID 569497: Null pointer dereferences (FORWARD_NULL)
Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com>
---
lib/efi_selftest/efi_selftest_esrt.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/lib/efi_selftest/efi_selftest_esrt.c
b/lib/efi_selftest/efi_selftest_esrt.c
index b7688deb496..7eadac90fbc 100644
--- a/lib/efi_selftest/efi_selftest_esrt.c
+++ b/lib/efi_selftest/efi_selftest_esrt.c
@@ -69,10 +69,12 @@ EFIAPI efi_test_fmp_get_image_info(struct
efi_firmware_management_protocol *this
if (package_version_name)
*package_version_name = NULL;
- if (*image_info_size < sizeof(*image_info)) {
- *image_info_size = *descriptor_size * *descriptor_count;
+ if (*image_info_size < sizeof(*image_info) * TEST_ESRT_NUM_ENTRIES) {
+ *image_info_size = sizeof(*image_info) * TEST_ESRT_NUM_ENTRIES;
return EFI_BUFFER_TOO_SMALL;
}
+ if (!image_info)
+ return EFI_INVALID_PARAMETER;
for (int idx = 0; idx < TEST_ESRT_NUM_ENTRIES; idx++)
image_info[idx] = static_img_info[idx];
--
2.48.1
