From 5d789ca4cd9121d81357b0edb75f500dfdcc9ab7 Mon Sep 17 00:00:00 2001
From: Peter Jones <pjones@redhat.com>
Date: Wed, 18 May 2022 15:13:47 -0400
Subject: Always initialize data/datasize before calling read_image()

scan-build noticed that there's a path where we'll pass some data from
the read_image() to e.g. the string functions, but it might be an
unassigned pointer on one of the code paths.  I don't think you can
actually hit it without returning from an error first, but best to
initialize these anyway.

This patch initializes data to NULL and datasize to 0.

Signed-off-by: Peter Jones <pjones@redhat.com>
---
 shim.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/shim.c b/shim.c
index c4f9461a..80b11709 100644
--- a/shim.c
+++ b/shim.c
@@ -1138,7 +1138,7 @@ EFI_STATUS start_image(EFI_HANDLE image_handle, CHAR16 *ImagePath)
 	UINTN alloc_pages;
 	CHAR16 *PathName = NULL;
 	void *data = NULL;
-	int datasize;
+	int datasize = 0;
 
 	efi_status = read_image(image_handle, ImagePath, PathName, &data,
 				&datasize);
@@ -1402,13 +1402,12 @@ load_cert_file(EFI_HANDLE image_handle, CHAR16 *filename)
 	CHAR16 *PathName = NULL;
 	void *pointer;
 	UINT32 original;
-	int datasize;
-	void *data;
+	int datasize = 0;
+	void *data = NULL;
 	int i;
 
 	efi_status = read_image(image_handle, filename, PathName,
 				&data, &datasize);
-
 	if (EFI_ERROR(efi_status))
 		return efi_status;
 
-- 
cgit v1.2.3