From d0df9304c7a777557e1925dc9f75406ec00e6179 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Thu, 9 Dec 2021 17:21:45 -0500
Subject: [PATCH] Minor coverity fixes

- one missing free
- one minor deadcode issue
- two unchecked allocations
- one debug hexdump of a variable we just freed

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 MokManager.c      | 1 +
 fallback.c        | 7 +++++--
 include/hexdump.h | 7 ++++++-
 lib/variables.c   | 2 ++
 mok.c             | 4 +++-
 5 files changed, 17 insertions(+), 4 deletions(-)

diff --git a/MokManager.c b/MokManager.c
index c195cadc5..1359af837 100644
--- a/MokManager.c
+++ b/MokManager.c
@@ -339,6 +339,7 @@ static void show_x509_info(X509 * X509Cert, UINT8 * hash)
 		for (i = 0; i < n; i++) {
 			CatPrint(&serial_string, L"%02x:", hexbuf[i]);
 		}
+		BN_free(bnser);
 	}
 
 	if (serial_string.str)
diff --git a/fallback.c b/fallback.c
index 5da867dd2..8e6327be8 100644
--- a/fallback.c
+++ b/fallback.c
@@ -230,8 +230,11 @@ add_boot_option(EFI_DEVICE_PATH *hddp, EFI_DEVICE_PATH *fulldp,
 				StrLen(label)*2 + 2 + DevicePathSize(hddp) +
 				StrLen(arguments) * 2;
 
-			CHAR8 *data = AllocateZeroPool(size + 2);
-			CHAR8 *cursor = data;
+			CHAR8 *data, *cursor;
+			cursor = data = AllocateZeroPool(size + 2);
+			if (!data)
+				return EFI_OUT_OF_RESOURCES;
+
 			*(UINT32 *)cursor = LOAD_OPTION_ACTIVE;
 			cursor += sizeof (UINT32);
 			*(UINT16 *)cursor = DevicePathSize(hddp);
diff --git a/include/hexdump.h b/include/hexdump.h
index 1a20339bc..e8f4fe1ac 100644
--- a/include/hexdump.h
+++ b/include/hexdump.h
@@ -71,7 +71,7 @@ prepare_text(const void *data, size_t size, char *buf, unsigned int position)
 		else
 			buf[offset++] = '.';
 	}
-	buf[offset++] = size > 0 ? '|' : 'X';
+	buf[offset++] = '|';
 	buf[offset] = '\0';
 }
 
@@ -89,6 +89,11 @@ vhexdumpf(const char *file, int line, const char *func, const CHAR16 *const fmt,
 	if (verbose == 0)
 		return;
 
+	if (!data || !size) {
+		dprint(L"hexdump of a NULL pointer!\n");
+		return;
+	}
+
 	while (offset < size) {
 		char hexbuf[49];
 		char txtbuf[19];
diff --git a/lib/variables.c b/lib/variables.c
index 3ec054788..8e63aa8f3 100644
--- a/lib/variables.c
+++ b/lib/variables.c
@@ -68,6 +68,8 @@ fill_esl_with_one_signature(const uint8_t *data, const uint32_t data_len,
 
 	if (out) {
 		sd = AllocateZeroPool(sig_size);
+		if (!sd)
+			return EFI_OUT_OF_RESOURCES;
 		if (owner)
 			CopyMem(sd, (void *)owner, sizeof(EFI_GUID));
 		CopyMem(sd->SignatureData, (void *)data, data_len);
diff --git a/mok.c b/mok.c
index 52dffc3ea..930e52a2c 100644
--- a/mok.c
+++ b/mok.c
@@ -883,7 +883,9 @@ EFI_STATUS import_one_mok_state(struct mok_state_variable *v,
 	}
 
 	dprint(L"maybe mirroring \"%s\".  original data:\n", v->name);
-	dhexdumpat(v->data, v->data_size, 0);
+	if (v->data && v->data_size) {
+		dhexdumpat(v->data, v->data_size, 0);
+	}
 
 	ret = maybe_mirror_one_mok_variable(v, ret, only_first);
 	dprint(L"returning %r\n", ret);