From 2ceee875bf02bc99ae6daffa394e648cbbb4b717 Mon Sep 17 00:00:00 2001
From: Download-Fritz
Date: Wed, 13 Nov 2019 09:39:09 +0100
Subject: [PATCH] OcAppleImageVerificationLib: Fix potential memory corruption

The reallocated pointer is not returned and thus lost locally (leak). Because ReallocatePool frees the old buffer on success, the caller pointers are unsafe after calling this function (potential corruption). Because the rest of the buffer is zero'd right before, there should be no security concern keeping the current buffer.
---
 .../OcAppleImageVerification.c | 8 --------
 1 file changed, 8 deletions(-)
diff --git a/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c b/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
index 1af7cb3d..3d3f2733 100644
--- a/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
+++ b/Library/OcAppleImageVerificationLib/OcAppleImageVerification.c
@@ -548,14 +548,6 @@ SanitizeApplePeImage (
 (UINT8 *) Image + *RealImageSize,
 ImageSize - *RealImageSize
 );
- //
- // Reallocate file buffer
- //
- Image = ReallocatePool (
- ImageSize,
- *RealImageSize,
- Image
- );
 }
 }