From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 628FF1A1E0F for ; Wed, 12 Oct 2016 05:21:02 -0700 (PDT) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga103.fm.intel.com with ESMTP; 12 Oct 2016 05:21:02 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,482,1473145200"; d="scan'208";a="1063788506" Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.34]) by orsmga002.jf.intel.com with ESMTP; 12 Oct 2016 05:20:59 -0700 From: Hao Wu To: edk2-devel@lists.01.org Cc: Hao Wu , Liming Gao , Yonghong Zhu , Eric Dong , Dandan Bi Date: Wed, 12 Oct 2016 20:19:44 +0800 Message-Id: <1476274836-10544-1-git-send-email-hao.a.wu@intel.com> X-Mailer: git-send-email 1.9.5.msysgit.0 Subject: [PATCH 00/52] Resolve issues for C source codes in BaseTools X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Oct 2016 12:21:02 -0000 The patch series fixes the following types of issues for C source codes in BaseTools: 1. Avoid possible NULL pointer dereference 2. Initialize local variables before use 3. Remove unused local variables 4. Avoid accessing over array bounds 5. Resolve possible memory leak 6. Resolve file handles not being closed 7. Resolve possible buffer overflow in printf/scanf functions The patch series is also available at: https://github.com/hwu25/edk2/tree/BaseTools_V1 Cc: Liming Gao Cc: Yonghong Zhu Cc: Eric Dong Cc: Dandan Bi Hao Wu (52): BaseTools/C/Common: Avoid possible NULL pointer dereference BaseTools/EfiRom: Avoid possible NULL pointer dereference BaseTools/GenFfs: Avoid possible NULL pointer dereference BaseTools/GenFv: Avoid possible NULL pointer dereference BaseTools/GenFw: Avoid possible NULL pointer dereference BaseTools/GenPage: Avoid possible NULL pointer dereference BaseTools/GenSec: Avoid possible NULL pointer dereference BaseTools/GenVtf: Avoid possible NULL pointer dereference BaseTools/TianoCompress: Avoid possible NULL pointer dereference BaseTools/VfrCompile: Avoid possible NULL pointer dereference BaseTools/VolInfo: Avoid possible NULL pointer dereference BaseTools/TianoCompress: Initialize local variables before being used BaseTools/VfrCompile: Initialize local variables before being used BaseTools/GenBootSector: Fix parameter format mismatch in printf functions BaseTools/VolInfo: Fix parameter format mismatch in printf functions BaseTools/C/Common: Fix parameter format mismatch in scanf functions BaseTools/GenFv: Fix parameter format mismatch in scanf functions BaseTools/GenFw: Fix parameter format mismatch in scanf functions BaseTools/GenVtf: Fix parameter format mismatch in scanf functions BaseTools/C/Common: Fix potential access over array bounds BaseTools/EfiRom: Fix potential access over array bounds BaseTools/GenFv: Fix potential access over array bounds BaseTools/TianoCompress: Fix potential access over array bounds BaseTools/VfrCompile: Fix potential access over array bounds BaseTools/VfrCompile: Avoid freeing memory with mismatched functions BaseTools/VfrCompile: Add assignment operator definition for some classes BaseTools/VfrCompile: Avoid freeing freed memory in classes BaseTools/VfrCompile: Remove unused local variables BaseTools/C/Common: Fix potential memory leak BaseTools/EfiRom: Fix potential memory leak BaseTools/GenFv: Fix potential memory leak BaseTools/GenPage: Fix potential memory leak BaseTools/GenSec: Fix potential memory leak BaseTools/GenVtf: Fix potential memory leak BaseTools/Split: Fix potential memory and resource leak BaseTools/TianoCompress: Fix potential memory leak BaseTools/VfrCompile: Fix potential memory leak BaseTools/VolInfo: Fix potential memory leak BaseTools/EfiRom: Fix file handles not being closed BaseTools/GenBootSector: Fix file handles not being closed BaseTools/GenCrc32: Fix file handles not being closed BaseTools/GenFv: Fix file handles not being closed BaseTools/GenVtf: Fix file handles not being closed BaseTools/LzmaCompress: Fix file handles not being closed BaseTools/TianoCompress: Fix file handles not being closed BaseTools/VolInfo: Fix file handles not being closed BaseTools/GenVtf: Fix potential buffer overflow in scanf functions BaseTools/VolInfo: Fix potential buffer overflow in scanf functions BaseTools/VfrCompile: Explicitly state format string for DebugMsg() BaseTools/VolInfo: Use hard-coded format string for calls to sprintf() BaseTools/VfrCompile/Pccts: Add virtual destructor for class DLGInputStream BaseTools/VfrCompile/Pccts: Make assignment operator not returning void BaseTools/Source/C/Common/BasePeCoff.c | 12 ++ BaseTools/Source/C/Common/CommonLib.c | 8 +- BaseTools/Source/C/Common/Decompress.c | 41 ++++-- BaseTools/Source/C/Common/EfiUtilityMsgs.c | 20 +-- BaseTools/Source/C/Common/FirmwareVolumeBuffer.c | 6 +- BaseTools/Source/C/Common/MemoryFile.c | 3 +- BaseTools/Source/C/Common/MyAlloc.c | 55 +++++++- .../Source/C/Common/ParseGuidedSectionTools.c | 21 ++-- BaseTools/Source/C/Common/ParseInf.c | 24 ++-- BaseTools/Source/C/Common/SimpleFileParsing.c | 14 +-- BaseTools/Source/C/Common/TianoCompress.c | 9 +- BaseTools/Source/C/EfiRom/EfiRom.c | 120 ++++++++++++------ BaseTools/Source/C/GenBootSector/GenBootSector.c | 43 ++++--- BaseTools/Source/C/GenCrc32/GenCrc32.c | 3 +- BaseTools/Source/C/GenFfs/GenFfs.c | 36 +++--- BaseTools/Source/C/GenFv/GenFv.c | 9 +- BaseTools/Source/C/GenFv/GenFvInternalLib.c | 83 ++++++++++-- BaseTools/Source/C/GenFw/Elf32Convert.c | 8 ++ BaseTools/Source/C/GenFw/Elf64Convert.c | 10 +- BaseTools/Source/C/GenFw/ElfConvert.c | 7 +- BaseTools/Source/C/GenFw/GenFw.c | 20 ++- BaseTools/Source/C/GenPage/GenPage.c | 12 +- BaseTools/Source/C/GenSec/GenSec.c | 27 +++- BaseTools/Source/C/GenVtf/GenVtf.c | 117 ++++++++++++++++- BaseTools/Source/C/LzmaCompress/LzmaCompress.c | 6 +- BaseTools/Source/C/Split/Split.c | 41 ++++-- BaseTools/Source/C/TianoCompress/TianoCompress.c | 68 ++++++---- BaseTools/Source/C/VfrCompile/Pccts/h/ATokPtr.h | 4 +- .../Source/C/VfrCompile/Pccts/h/ATokPtrImpl.h | 6 +- BaseTools/Source/C/VfrCompile/Pccts/h/DLexer.h | 3 + BaseTools/Source/C/VfrCompile/Pccts/h/DLexerBase.h | 4 + BaseTools/Source/C/VfrCompile/VfrCompiler.cpp | 140 ++++++++++++++++++--- BaseTools/Source/C/VfrCompile/VfrCompiler.h | 8 +- BaseTools/Source/C/VfrCompile/VfrError.cpp | 4 +- BaseTools/Source/C/VfrCompile/VfrError.h | 10 +- BaseTools/Source/C/VfrCompile/VfrFormPkg.cpp | 29 +++-- BaseTools/Source/C/VfrCompile/VfrFormPkg.h | 13 ++ BaseTools/Source/C/VfrCompile/VfrUtilityLib.cpp | 54 +++++--- BaseTools/Source/C/VfrCompile/VfrUtilityLib.h | 60 ++++++++- BaseTools/Source/C/VolInfo/VolInfo.c | 107 +++++++++++++--- 40 files changed, 1004 insertions(+), 261 deletions(-) -- 1.9.5.msysgit.0