cmd: efidebug: always check return code from get_variable()

CID 316364 says:
> Null pointer dereferences  (FORWARD_NULL)
>	printf("Result total size: 0x%x\n", result->variable_total_size);
at do_efi_capsule_res().

The code is basically safe because a buffer for "result" is allocated
by malloc() and filled up by the second get_variable(), which fails any way
if the allocation has failed.

But the first (and second) get_variable() possibly returns an error other
than EFI_SUCCESS. We always need to check the return code from
get_variable() before accessing the data in "result".

While this change won't suppress CID 316364, the resulting code is much
safer.

Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Signed-off-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

diff --git a/cmd/efidebug.c b/cmd/efidebug.c
index 9a2d4dd..83bc219 100644 (file)
--- a/cmd/efidebug.c
+++ b/cmd/efidebug.c
@@ -189,14 +189,16 @@ static int do_efi_capsule_res(struct cmd_tbl *cmdtp, int flag,
        ret = EFI_CALL(RT->get_variable(var_name16, &guid, NULL, &size, NULL));
        if (ret == EFI_BUFFER_TOO_SMALL) {
                result = malloc(size);
+               if (!result)
+                       return CMD_RET_FAILURE;
                ret = EFI_CALL(RT->get_variable(var_name16, &guid, NULL, &size,
                                                result));
-               if (ret != EFI_SUCCESS) {
-                       free(result);
-                       printf("Failed to get %ls\n", var_name16);
+       }
+       if (ret != EFI_SUCCESS) {
+               free(result);
+               printf("Failed to get %ls\n", var_name16);
 
-                       return CMD_RET_FAILURE;
-               }
+               return CMD_RET_FAILURE;
        }
 
        printf("Result total size: 0x%x\n", result->variable_total_size);