* [patch] MdeModulePkg/SetupBrowser:Add NULL check before using a pointer
@ 2017-09-22 1:56 Dandan Bi
2017-09-22 3:47 ` Wu, Hao A
0 siblings, 1 reply; 2+ messages in thread
From: Dandan Bi @ 2017-09-22 1:56 UTC (permalink / raw)
To: edk2-devel; +Cc: Eric Dong, Hao Wu
Add NULL pointer check before using a pointer to avoid possible
NULL pointer dereference.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
MdeModulePkg/Universal/SetupBrowserDxe/Setup.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
index 48beeb6..c2cfa5c 100644
--- a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
+++ b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
@@ -1484,11 +1484,13 @@ BufferToValue (
//
// Other type of Questions
//
if (Question->QuestionReferToBitField) {
Buffer = (UINT8 *)AllocateZeroPool (Question->StorageWidth);
- ASSERT (Buffer != NULL);
+ if (Buffer == NULL) {
+ return EFI_OUT_OF_RESOURCES;
+ }
Dst = Buffer;
} else {
Dst = (UINT8 *) &Question->HiiValue.Value;
}
}
@@ -1546,15 +1548,13 @@ BufferToValue (
}
}
*StringPtr = TempChar;
- if (Question->QuestionReferToBitField) {
+ if (Buffer != NULL && Question->QuestionReferToBitField) {
GetBitsQuestionValue (Question, Buffer);
- if (Buffer != NULL) {
- FreePool (Buffer);
- }
+ FreePool (Buffer);
}
return Status;
}
--
1.9.5.msysgit.1
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [patch] MdeModulePkg/SetupBrowser:Add NULL check before using a pointer
2017-09-22 1:56 [patch] MdeModulePkg/SetupBrowser:Add NULL check before using a pointer Dandan Bi
@ 2017-09-22 3:47 ` Wu, Hao A
0 siblings, 0 replies; 2+ messages in thread
From: Wu, Hao A @ 2017-09-22 3:47 UTC (permalink / raw)
To: Bi, Dandan, edk2-devel@lists.01.org; +Cc: Dong, Eric
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
Best Regards,
Hao Wu
> -----Original Message-----
> From: Bi, Dandan
> Sent: Friday, September 22, 2017 9:57 AM
> To: edk2-devel@lists.01.org
> Cc: Dong, Eric; Wu, Hao A
> Subject: [patch] MdeModulePkg/SetupBrowser:Add NULL check before using a
> pointer
>
> Add NULL pointer check before using a pointer to avoid possible
> NULL pointer dereference.
>
> Cc: Eric Dong <eric.dong@intel.com>
> Cc: Hao Wu <hao.a.wu@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Dandan Bi <dandan.bi@intel.com>
> ---
> MdeModulePkg/Universal/SetupBrowserDxe/Setup.c | 10 +++++-----
> 1 file changed, 5 insertions(+), 5 deletions(-)
>
> diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
> b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
> index 48beeb6..c2cfa5c 100644
> --- a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
> +++ b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
> @@ -1484,11 +1484,13 @@ BufferToValue (
> //
> // Other type of Questions
> //
> if (Question->QuestionReferToBitField) {
> Buffer = (UINT8 *)AllocateZeroPool (Question->StorageWidth);
> - ASSERT (Buffer != NULL);
> + if (Buffer == NULL) {
> + return EFI_OUT_OF_RESOURCES;
> + }
> Dst = Buffer;
> } else {
> Dst = (UINT8 *) &Question->HiiValue.Value;
> }
> }
> @@ -1546,15 +1548,13 @@ BufferToValue (
> }
> }
>
> *StringPtr = TempChar;
>
> - if (Question->QuestionReferToBitField) {
> + if (Buffer != NULL && Question->QuestionReferToBitField) {
> GetBitsQuestionValue (Question, Buffer);
> - if (Buffer != NULL) {
> - FreePool (Buffer);
> - }
> + FreePool (Buffer);
> }
>
> return Status;
> }
>
> --
> 1.9.5.msysgit.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2017-09-22 3:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2017-09-22 1:56 [patch] MdeModulePkg/SetupBrowser:Add NULL check before using a pointer Dandan Bi
2017-09-22 3:47 ` Wu, Hao A
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox