From 2cac6fd25fb1a9774d25fcb4ea2441cf4c5fcec1 Mon Sep 17 00:00:00 2001
From: Download-Fritz <download-fritz@outlook.com>
Date: Wed, 13 Nov 2019 21:27:59 +0100
Subject: [PATCH] OcAppleImageVerification: Fix function prototype A callee
 should never free caller data for design reasons. Return the caller parameter
 in the future if it is ever required for any other API.

---
 Include/Library/OcAppleImageVerificationLib.h |  3 +-
 .../OcAppleImageVerification.c                | 37 ++++++++-----------
 2 files changed, 17 insertions(+), 23 deletions(-)

diff --git a/Include/Library/OcAppleImageVerificationLib.h b/Include/Library/OcAppleImageVerificationLib.h
index 089132e7..57f76a57 100644
--- a/Include/Library/OcAppleImageVerificationLib.h
+++ b/Include/Library/OcAppleImageVerificationLib.h
@@ -85,8 +85,7 @@ GetApplePeImageSha256 (
 EFI_STATUS
 VerifyApplePeImageSignature (
   IN OUT VOID                                *PeImage,
-  IN OUT UINTN                               *ImageSize,
-  IN OUT APPLE_PE_COFF_LOADER_IMAGE_CONTEXT  *Context OPTIONAL
+  IN OUT UINTN                               *ImageSize
   );
 
 #endif //APPLE_DXE_IMAGE_VERIFICATION_H
diff --git a/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c b/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
index 079399bb..2594ef45 100644
--- a/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
+++ b/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
@@ -581,31 +581,26 @@ GetApplePeImageSha256 (
 EFI_STATUS
 VerifyApplePeImageSignature (
   IN OUT VOID                                *PeImage,
-  IN OUT UINTN                               *ImageSize,
-  IN OUT APPLE_PE_COFF_LOADER_IMAGE_CONTEXT  *Context OPTIONAL
+  IN OUT UINTN                               *ImageSize
   )
 {
-  UINTN                    Index                       = 0;
-  APPLE_SIGNATURE_CONTEXT  *SignatureContext           = NULL;
-  OC_RSA_PUBLIC_KEY        *Pk                         = NULL;
+  UINTN                              Index             = 0;
+  APPLE_SIGNATURE_CONTEXT            *SignatureContext = NULL;
+  OC_RSA_PUBLIC_KEY                  *Pk               = NULL;
+  APPLE_PE_COFF_LOADER_IMAGE_CONTEXT *Context          = NULL;
 
-  //
-  // Build context if not present
-  //
+  Context = AllocateZeroPool (sizeof (APPLE_PE_COFF_LOADER_IMAGE_CONTEXT));
   if (Context == NULL) {
-    Context = AllocateZeroPool (sizeof (APPLE_PE_COFF_LOADER_IMAGE_CONTEXT));
-    if (Context == NULL) {
-      DEBUG ((DEBUG_WARN, "Pe context allocation failure\n"));
-      return EFI_OUT_OF_RESOURCES;
-    }
-    //
-    // Build PE context
-    //
-    if (EFI_ERROR (BuildPeContext (PeImage, *ImageSize, Context))) {
-      DEBUG ((DEBUG_WARN, "Malformed ApplePeImage\n"));
-      FreePool (Context);
-      return EFI_INVALID_PARAMETER;
-    }
+    DEBUG ((DEBUG_WARN, "Pe context allocation failure\n"));
+    return EFI_OUT_OF_RESOURCES;
+  }
+  //
+  // Build PE context
+  //
+  if (EFI_ERROR (BuildPeContext (PeImage, *ImageSize, Context))) {
+    DEBUG ((DEBUG_WARN, "Malformed ApplePeImage\n"));
+    FreePool (Context);
+    return EFI_INVALID_PARAMETER;
   }
 
   //