OcAppleImageVerificationLib: Fix potential memory corruption

The reallocated pointer is not returned and thus lost locally (leak). Because ReallocatePool frees the old buffer on success, the caller pointers are unsafe after calling this function (potential corruption). Because the rest of the buffer is zero'd right before, there should be no security concern keeping the current buffer.
2025-12-08 19:25:01 +00:00 · 2019-11-13 09:39:09 +01:00 · 2019-11-13 09:39:09 +01:00 · 2ceee875bf
commit 2ceee875bf
parent 3e9ef5ac41
1 changed files with 0 additions and 8 deletions
--- a/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
+++ b/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
@ -548,14 +548,6 @@ SanitizeApplePeImage (
      (UINT8 *) Image + *RealImageSize,
      ImageSize - *RealImageSize
      );
-    //
-    // Reallocate file buffer
-    //
-    Image = ReallocatePool (
-              ImageSize,
-              *RealImageSize,
-              Image
-              );
  }
 }