1 files changed, 10 insertions, 16 deletions

diff --git a/shim.c b/shim.c
index fe73ec1a..ea8eba81 100644
--- a/shim.c
+++ b/shim.c
@@ -1609,16 +1609,15 @@ static EFI_STATUS check_mok_sb (void)
 {
 	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
 	EFI_STATUS status = EFI_SUCCESS;
-	UINT8 *MokSBState = NULL;
-	UINTN MokSBStateSize = 0;
+	UINT8 MokSBState;
+	UINTN MokSBStateSize = sizeof(MokSBState);
 	UINT32 attributes;
 
 	user_insecure_mode = 0;
 	ignore_db = 0;
 
-	status = get_variable_attr(L"MokSBState", &MokSBState, &MokSBStateSize,
-				   shim_lock_guid, &attributes);
-
+	status = uefi_call_wrapper(RT->GetVariable, 5, L"MokSBState", &shim_lock_guid,
+				   &attributes, &MokSBStateSize, &MokSBState);
 	if (status != EFI_SUCCESS)
 		return EFI_ACCESS_DENIED;
 
@@ -1633,13 +1632,11 @@ static EFI_STATUS check_mok_sb (void)
 		}
 		status = EFI_ACCESS_DENIED;
 	} else {
-		if (*(UINT8 *)MokSBState == 1) {
+		if (MokSBState == 1) {
 			user_insecure_mode = 1;
 		}
 	}
 
-	FreePool(MokSBState);
-
 	return status;
 }
 
@@ -1651,13 +1648,12 @@ static EFI_STATUS check_mok_db (void)
 {
 	EFI_GUID shim_lock_guid = SHIM_LOCK_GUID;
 	EFI_STATUS status = EFI_SUCCESS;
-	UINT8 *MokDBState = NULL;
-	UINTN MokDBStateSize = 0;
+	UINT8 MokDBState;
+	UINTN MokDBStateSize = sizeof(MokDBStateSize);
 	UINT32 attributes;
 
-	status = get_variable_attr(L"MokDBState", &MokDBState, &MokDBStateSize,
-			shim_lock_guid, &attributes);
-
+	status = uefi_call_wrapper(RT->GetVariable, 5, L"MokDBState", &shim_lock_guid,
+				   &attributes, &MokDBStateSize, &MokDBState);
 	if (status != EFI_SUCCESS)
 		return EFI_ACCESS_DENIED;
 
@@ -1674,13 +1670,11 @@ static EFI_STATUS check_mok_db (void)
 		}
 		status = EFI_ACCESS_DENIED;
 	} else {
-		if (*(UINT8 *)MokDBState == 1) {
+		if (MokDBState == 1) {
 			ignore_db = 1;
 		}
 	}
 
-	FreePool(MokDBState);
-
 	return status;
 }