From 06b3ee2641aec3add981cec15b4de2fffc3a6b6a Mon Sep 17 00:00:00 2001
From: vit9696 <4348897+vit9696@users.noreply.github.com>
Date: Fri, 6 Sep 2019 23:43:11 +0300
Subject: [PATCH] OcBootManagementLib: Do not let BootNext override arguments

Change this after security model analysis.
---
 Library/OcBootManagementLib/DefaultEntryChoice.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/Library/OcBootManagementLib/DefaultEntryChoice.c b/Library/OcBootManagementLib/DefaultEntryChoice.c
index 2caa346f..5aa2185c 100644
--- a/Library/OcBootManagementLib/DefaultEntryChoice.c
+++ b/Library/OcBootManagementLib/DefaultEntryChoice.c
@@ -664,6 +664,7 @@ InternalGetDefaultBootEntry (
   }
 
   if (BootEntry != NULL) {
+#if 0
     if (IsBootNext) {
       //
       // BootNext is allowed to override both the exact file path as well as
@@ -675,6 +676,9 @@ InternalGetDefaultBootEntry (
     } else if (OptionalData != NULL) {
       FreePool (OptionalData);
     }
+#else
+    FreePool (OptionalData);
+#endif
 
     if (BootEntry->DevicePath != UefiDevicePath) {
       if (!IsAppleLegacy) {