From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga09.intel.com (mga09.intel.com [134.134.136.24]) (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1E09881D5D for ; Thu, 3 Nov 2016 00:23:20 -0700 (PDT) Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga102.jf.intel.com with ESMTP; 03 Nov 2016 00:23:21 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,585,1473145200"; d="scan'208";a="897185055" Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.34]) by orsmga003.jf.intel.com with ESMTP; 03 Nov 2016 00:23:20 -0700 From: Hao Wu To: edk2-devel@lists.01.org Cc: Hao Wu , Liming Gao , Yonghong Zhu Date: Thu, 3 Nov 2016 15:22:17 +0800 Message-Id: <1478157783-9368-8-git-send-email-hao.a.wu@intel.com> X-Mailer: git-send-email 1.9.5.msysgit.0 In-Reply-To: <1478157783-9368-1-git-send-email-hao.a.wu@intel.com> References: <1478157783-9368-1-git-send-email-hao.a.wu@intel.com> Subject: [PATCH v2 07/53] BaseTools/GenSec: Avoid possible NULL pointer dereference X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 03 Nov 2016 07:23:20 -0000 Cc: Liming Gao Cc: Yonghong Zhu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu --- BaseTools/Source/C/GenSec/GenSec.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/BaseTools/Source/C/GenSec/GenSec.c b/BaseTools/Source/C/GenSec/GenSec.c index d2bf102..0129e4e 100644 --- a/BaseTools/Source/C/GenSec/GenSec.c +++ b/BaseTools/Source/C/GenSec/GenSec.c @@ -1,7 +1,7 @@ /** @file Creates output file that is a properly formed section per the PI spec. -Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -667,6 +667,10 @@ Returns: return Status; } + if (FileBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + CompressFunction = NULL; // @@ -731,6 +735,10 @@ Returns: return Status; } + + if (FileBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } } DebugMsg (NULL, 0, 9, "comprss file size", @@ -889,6 +897,10 @@ Returns: return Status; } + if (FileBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + if (InputLength == 0) { Error (NULL, 0, 2000, "Invalid parameter", "the size of input file %s can't be zero", InputFileName); return EFI_NOT_FOUND; @@ -1365,7 +1377,9 @@ Returns: // // GuidValue is only required by Guided section. // - if ((SectType != EFI_SECTION_GUID_DEFINED) && (CompareGuid (&VendorGuid, &mZeroGuid) != 0)) { + if ((SectType != EFI_SECTION_GUID_DEFINED) && + (SectionName != NULL) && + (CompareGuid (&VendorGuid, &mZeroGuid) != 0)) { fprintf (stdout, "Warning: the input guid value is not required for this section type %s\n", SectionName); } -- 1.9.5.msysgit.0