From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <hao.a.wu@intel.com>
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 1D76B1A1EDE
 for <edk2-devel@lists.01.org>; Wed, 12 Oct 2016 05:21:14 -0700 (PDT)
Received: from orsmga002.jf.intel.com ([10.7.209.21])
 by fmsmga103.fm.intel.com with ESMTP; 12 Oct 2016 05:21:15 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,482,1473145200"; d="scan'208";a="1063788605"
Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.34])
 by orsmga002.jf.intel.com with ESMTP; 12 Oct 2016 05:21:12 -0700
From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>, Liming Gao <liming.gao@intel.com>,
 Yonghong Zhu <yonghong.zhu@intel.com>
Date: Wed, 12 Oct 2016 20:19:52 +0800
Message-Id: <1476274836-10544-9-git-send-email-hao.a.wu@intel.com>
X-Mailer: git-send-email 1.9.5.msysgit.0
In-Reply-To: <1476274836-10544-1-git-send-email-hao.a.wu@intel.com>
References: <1476274836-10544-1-git-send-email-hao.a.wu@intel.com>
Subject: [PATCH 08/52] BaseTools/GenVtf: Avoid possible NULL pointer dereference
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Oct 2016 12:21:14 -0000

Cc: Liming Gao <liming.gao@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
 BaseTools/Source/C/GenVtf/GenVtf.c | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/BaseTools/Source/C/GenVtf/GenVtf.c b/BaseTools/Source/C/GenVtf/GenVtf.c
index f6765dd..b68d86a 100644
--- a/BaseTools/Source/C/GenVtf/GenVtf.c
+++ b/BaseTools/Source/C/GenVtf/GenVtf.c
@@ -1125,6 +1125,7 @@ Returns:
   EFI_ABORTED      - Aborted due to one of the many reasons like:
                       (a) Component Size greater than the specified size.
                       (b) Error opening files.
+                      (c) Fail to get the FIT table address.
 
   EFI_INVALID_PARAMETER     Value returned from call to UpdateEntryPoint()
   EFI_OUT_OF_RESOURCES      Memory allocation failure.
@@ -1240,6 +1241,10 @@ Returns:
   }
 
   GetNextAvailableFitPtr (&CompFitPtr);
+  if (CompFitPtr == NULL) {
+    free (Buffer);
+    return EFI_ABORTED;
+  }
 
   CompFitPtr->CompAddress = CompStartAddress | IPF_CACHE_BIT;
   if ((FileSize % 16) != 0) {
@@ -2652,6 +2657,7 @@ Returns:
     }
     SymFileName = VTF_SYM_FILE;
   } else {
+    assert (OutFileName1);
     INTN OutFileNameLen = strlen(OutFileName1);
     INTN NewIndex;
 
@@ -2665,6 +2671,10 @@ Returns:
     } else {
       INTN SymFileNameLen = NewIndex + 1 + strlen(VTF_SYM_FILE);
       SymFileName = malloc(SymFileNameLen + 1);
+      if (SymFileName == NULL) {
+        Error (NULL, 0, 4001, "Resource", "memory cannot be allocated!");
+        goto ERROR;
+      }
       memcpy(SymFileName, OutFileName1, NewIndex + 1);
       memcpy(SymFileName + NewIndex + 1, VTF_SYM_FILE, strlen(VTF_SYM_FILE));
       SymFileName[SymFileNameLen] = '\0';
-- 
1.9.5.msysgit.0