Fix potential NULL pointer dereference in vboot_kernel.c

In the unlikely case that params is not set or the LoadKernelParams
structure is not initialized correctly, LoadKernel will exit before
initializing shcall. However, in LoadKernelExit it will be used to
stire the function's return code, thus potentially dereferencing a
NULL pointer.

BUG=chrome-os-partner:6307
TEST=compile tested.

Change-Id: I691c6b5054d8f77296de86834b3125de06e0e398
Reviewed-on: http://gerrit.chromium.org/gerrit/9791
Tested-by: Stefan Reinauer <reinauer@google.com>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
Reviewed-by: Randall Spangler <rspangler@chromium.org>
Commit-Ready: Stefan Reinauer <reinauer@chromium.org>
diff --git a/firmware/lib/vboot_kernel.c b/firmware/lib/vboot_kernel.c
index 6f8029a..e38c470 100644
--- a/firmware/lib/vboot_kernel.c
+++ b/firmware/lib/vboot_kernel.c
@@ -538,7 +538,10 @@
   VbNvSet(vnc, VBNV_RECOVERY_REQUEST, VBERROR_SUCCESS != retval ?
           recovery : VBNV_RECOVERY_NOT_REQUESTED);
 
-  shcall->return_code = (uint8_t)retval;
+  /* If LoadKernel was called with bad parameters,
+   * shcall may not be initialized. */
+  if (shcall)
+    shcall->return_code = (uint8_t)retval;
 
   /* Save whether the good partition's key block was fully verified */
   if (good_partition_key_block_valid)