CryptoPkg: Fix conditionally uninitialized variable

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Checks the return value from `ASN1_get_object()` to verify values
set by the function are valid.

Note that the function returns literal `0x80`:
    `return (0x80);`

That is used to check the return value is as the case in other areas
of the code.

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Guomin Jiang <guomin.jiang@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Xiaoyu Lu <xiaoyu1.lu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Jiewen Yao <Jiewen.yao@intel.com>
Reviewed-by: Oliver Smith-Denny <osd@smith-denny.com>

diff --git a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
index 2333157e0d17e13d3ae7f1146e73d691c68a5d2f..1182323b63eeafcb029c7d7f071af5e8c3be12d1 100644 (file)
--- a/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
+++ b/CryptoPkg/Library/BaseCryptLib/Pk/CryptX509.c
@@ -807,6 +807,7 @@ X509GetTBSCert (
   UINT32       Asn1Tag;\r
   UINT32       ObjClass;\r
   UINTN        Length;\r
+  UINTN        Inf;\r
 \r
   //\r
   // Check input parameters.\r
@@ -836,9 +837,9 @@ X509GetTBSCert (
   //\r
   Temp   = Cert;\r
   Length = 0;\r
-  ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);\r
+  Inf    = ASN1_get_object (&Temp, (long *)&Length, (int *)&Asn1Tag, (int *)&ObjClass, (long)CertSize);\r
 \r
-  if (Asn1Tag != V_ASN1_SEQUENCE) {\r
+  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {\r
     return FALSE;\r
   }\r
 \r
@@ -848,7 +849,7 @@ X509GetTBSCert (
   //\r
   // Verify the parsed TBSCertificate is one correct SEQUENCE data.\r
   //\r
-  if (Asn1Tag != V_ASN1_SEQUENCE) {\r
+  if (((Inf & 0x80) == 0x00) && (Asn1Tag != V_ASN1_SEQUENCE)) {\r
     return FALSE;\r
   }\r
 \r
@@ -1888,18 +1889,20 @@ Asn1GetTag (
   IN     UINT32   Tag\r
   )\r
 {\r
-  UINT8  *PtrOld;\r
-  INT32  ObjTag;\r
-  INT32  ObjCls;\r
-  long   ObjLength;\r
+  UINT8   *PtrOld;\r
+  INT32   ObjTag;\r
+  INT32   ObjCls;\r
+  long    ObjLength;\r
+  UINT32  Inf;\r
 \r
   //\r
   // Save Ptr position\r
   //\r
   PtrOld = *Ptr;\r
 \r
-  ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjCls, (INT32)(End - (*Ptr)));\r
-  if ((ObjTag == (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&\r
+  Inf = ASN1_get_object ((CONST UINT8 **)Ptr, &ObjLength, &ObjTag, &ObjCls, (INT32)(End - (*Ptr)));\r
+  if (((Inf & 0x80) == 0x00) &&\r
+      (ObjTag == (INT32)(Tag & CRYPTO_ASN1_TAG_VALUE_MASK)) &&\r
       (ObjCls == (INT32)(Tag & CRYPTO_ASN1_TAG_CLASS_MASK)))\r
   {\r
     *Length = (UINTN)ObjLength;\r