From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=134.134.136.20; helo=mga02.intel.com; envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 678402035625F for ; Mon, 4 Dec 2017 22:55:05 -0800 (PST) Received: from orsmga008.jf.intel.com ([10.7.209.65]) by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Dec 2017 22:59:36 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,363,1508828400"; d="scan'208";a="157595" Received: from jiaxinwu-mobl2.ccr.corp.intel.com ([10.239.196.96]) by orsmga008.jf.intel.com with ESMTP; 04 Dec 2017 22:59:34 -0800 From: Jiaxin Wu To: edk2-devel@lists.01.org Cc: Ye Ting , Fu Siyuan , Wang Fan , Wu Jiaxin Date: Tue, 5 Dec 2017 14:59:21 +0800 Message-Id: <1512457162-9296-4-git-send-email-jiaxin.wu@intel.com> X-Mailer: git-send-email 1.9.5.msysgit.1 In-Reply-To: <1512457162-9296-1-git-send-email-jiaxin.wu@intel.com> References: <1512457162-9296-1-git-send-email-jiaxin.wu@intel.com> Subject: [Patch 3/4] NetworkPkg/DnsDxe: Fix the potential memory leak issue. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Dec 2017 06:55:05 -0000 Cc: Ye Ting Cc: Fu Siyuan Cc: Wang Fan Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin --- NetworkPkg/DnsDxe/DnsImpl.c | 131 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 121 insertions(+), 10 deletions(-) diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index 7c236a0..7057bfb 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -790,10 +790,14 @@ UpdateDns4Cache ( if (DeleteFlag) { // // Delete matching DNS Cache entry // RemoveEntryList (&Item->AllCacheLink); + + FreePool (Item->DnsCache.HostName); + FreePool (Item->DnsCache.IpAddress); + FreePool (Item); return EFI_SUCCESS; } else if (Override) { // // Update this one @@ -817,17 +821,20 @@ UpdateDns4Cache ( InitializeListHead (&NewDnsCache->AllCacheLink); NewDnsCache->DnsCache.HostName = AllocatePool (StrSize (DnsCacheEntry.HostName)); if (NewDnsCache->DnsCache.HostName == NULL) { + FreePool (NewDnsCache); return EFI_OUT_OF_RESOURCES; } CopyMem (NewDnsCache->DnsCache.HostName, DnsCacheEntry.HostName, StrSize (DnsCacheEntry.HostName)); NewDnsCache->DnsCache.IpAddress = AllocatePool (sizeof (EFI_IPv4_ADDRESS)); - if (NewDnsCache->DnsCache.IpAddress == NULL) { + if (NewDnsCache->DnsCache.IpAddress == NULL) { + FreePool (NewDnsCache->DnsCache.HostName); + FreePool (NewDnsCache); return EFI_OUT_OF_RESOURCES; } CopyMem (NewDnsCache->DnsCache.IpAddress, DnsCacheEntry.IpAddress, sizeof (EFI_IPv4_ADDRESS)); @@ -882,10 +889,14 @@ UpdateDns6Cache ( // // Delete matching DNS Cache entry // RemoveEntryList (&Item->AllCacheLink); + FreePool (Item->DnsCache.HostName); + FreePool (Item->DnsCache.IpAddress); + FreePool (Item); + return EFI_SUCCESS; } else if (Override) { // // Update this one // @@ -908,17 +919,20 @@ UpdateDns6Cache ( InitializeListHead (&NewDnsCache->AllCacheLink); NewDnsCache->DnsCache.HostName = AllocatePool (StrSize (DnsCacheEntry.HostName)); if (NewDnsCache->DnsCache.HostName == NULL) { + FreePool (NewDnsCache); return EFI_OUT_OF_RESOURCES; } CopyMem (NewDnsCache->DnsCache.HostName, DnsCacheEntry.HostName, StrSize (DnsCacheEntry.HostName)); NewDnsCache->DnsCache.IpAddress = AllocatePool (sizeof (EFI_IPv6_ADDRESS)); - if (NewDnsCache->DnsCache.IpAddress == NULL) { + if (NewDnsCache->DnsCache.IpAddress == NULL) { + FreePool (NewDnsCache->DnsCache.HostName); + FreePool (NewDnsCache); return EFI_OUT_OF_RESOURCES; } CopyMem (NewDnsCache->DnsCache.IpAddress, DnsCacheEntry.IpAddress, sizeof (EFI_IPv6_ADDRESS)); @@ -1254,31 +1268,31 @@ ParseDnsResponse ( if (Dns4TokenEntry->GeneralLookUp) { // // It's the GeneralLookUp querying. // - Dns4TokenEntry->Token->RspData.GLookupData = AllocatePool (sizeof (DNS_RESOURCE_RECORD)); + Dns4TokenEntry->Token->RspData.GLookupData = AllocateZeroPool (sizeof (DNS_RESOURCE_RECORD)); if (Dns4TokenEntry->Token->RspData.GLookupData == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } - Dns4TokenEntry->Token->RspData.GLookupData->RRList = AllocatePool (DnsHeader->AnswersNum * sizeof (DNS_RESOURCE_RECORD)); + Dns4TokenEntry->Token->RspData.GLookupData->RRList = AllocateZeroPool (DnsHeader->AnswersNum * sizeof (DNS_RESOURCE_RECORD)); if (Dns4TokenEntry->Token->RspData.GLookupData->RRList == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } } else { // // It's not the GeneralLookUp querying. Check the Query type. // if (QuerySection->Type == DNS_TYPE_A) { - Dns4TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS_HOST_TO_ADDR_DATA)); + Dns4TokenEntry->Token->RspData.H2AData = AllocateZeroPool (sizeof (DNS_HOST_TO_ADDR_DATA)); if (Dns4TokenEntry->Token->RspData.H2AData == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } - Dns4TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv4_ADDRESS)); + Dns4TokenEntry->Token->RspData.H2AData->IpList = AllocateZeroPool (DnsHeader->AnswersNum * sizeof (EFI_IPv4_ADDRESS)); if (Dns4TokenEntry->Token->RspData.H2AData->IpList == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } } else { @@ -1291,31 +1305,31 @@ ParseDnsResponse ( if (Dns6TokenEntry->GeneralLookUp) { // // It's the GeneralLookUp querying. // - Dns6TokenEntry->Token->RspData.GLookupData = AllocatePool (sizeof (DNS_RESOURCE_RECORD)); + Dns6TokenEntry->Token->RspData.GLookupData = AllocateZeroPool (sizeof (DNS_RESOURCE_RECORD)); if (Dns6TokenEntry->Token->RspData.GLookupData == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } - Dns6TokenEntry->Token->RspData.GLookupData->RRList = AllocatePool (DnsHeader->AnswersNum * sizeof (DNS_RESOURCE_RECORD)); + Dns6TokenEntry->Token->RspData.GLookupData->RRList = AllocateZeroPool (DnsHeader->AnswersNum * sizeof (DNS_RESOURCE_RECORD)); if (Dns6TokenEntry->Token->RspData.GLookupData->RRList == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } } else { // // It's not the GeneralLookUp querying. Check the Query type. // if (QuerySection->Type == DNS_TYPE_AAAA) { - Dns6TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS6_HOST_TO_ADDR_DATA)); + Dns6TokenEntry->Token->RspData.H2AData = AllocateZeroPool (sizeof (DNS6_HOST_TO_ADDR_DATA)); if (Dns6TokenEntry->Token->RspData.H2AData == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } - Dns6TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv6_ADDRESS)); + Dns6TokenEntry->Token->RspData.H2AData->IpList = AllocateZeroPool (DnsHeader->AnswersNum * sizeof (EFI_IPv6_ADDRESS)); if (Dns6TokenEntry->Token->RspData.H2AData->IpList == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_EXIT; } } else { @@ -1601,10 +1615,101 @@ ON_COMPLETE: DispatchDpc (); } } ON_EXIT: + // + // Free the allocated buffer if error happen. + // + if (EFI_ERROR (Status)) { + if (Dns4TokenEntry != NULL) { + if (Dns4TokenEntry->GeneralLookUp) { + if (Dns4TokenEntry->Token->RspData.GLookupData != NULL) { + if (Dns4TokenEntry->Token->RspData.GLookupData->RRList != NULL) { + while (RRCount != 0) { + RRCount --; + if (Dns4TokenEntry->Token->RspData.GLookupData->RRList[RRCount].QName != NULL) { + FreePool (Dns4TokenEntry->Token->RspData.GLookupData->RRList[RRCount].QName); + } + + if (Dns4TokenEntry->Token->RspData.GLookupData->RRList[RRCount].RData != NULL) { + FreePool (Dns4TokenEntry->Token->RspData.GLookupData->RRList[RRCount].RData); + } + } + + FreePool (Dns4TokenEntry->Token->RspData.GLookupData->RRList); + } + + FreePool (Dns4TokenEntry->Token->RspData.GLookupData); + } + } else { + if (QuerySection->Type == DNS_TYPE_A && Dns4TokenEntry->Token->RspData.H2AData != NULL) { + if (Dns4TokenEntry->Token->RspData.H2AData->IpList != NULL) { + FreePool (Dns4TokenEntry->Token->RspData.H2AData->IpList); + } + + FreePool (Dns4TokenEntry->Token->RspData.H2AData); + } + } + } + + if (Dns6TokenEntry != NULL) { + if (Dns6TokenEntry->GeneralLookUp) { + if (Dns6TokenEntry->Token->RspData.GLookupData != NULL) { + if (Dns6TokenEntry->Token->RspData.GLookupData->RRList != NULL) { + while (RRCount != 0) { + RRCount --; + if (Dns6TokenEntry->Token->RspData.GLookupData->RRList[RRCount].QName != NULL) { + FreePool (Dns6TokenEntry->Token->RspData.GLookupData->RRList[RRCount].QName); + } + + if (Dns6TokenEntry->Token->RspData.GLookupData->RRList[RRCount].RData != NULL) { + FreePool (Dns6TokenEntry->Token->RspData.GLookupData->RRList[RRCount].RData); + } + } + + FreePool (Dns6TokenEntry->Token->RspData.GLookupData->RRList); + } + + FreePool (Dns6TokenEntry->Token->RspData.GLookupData); + } + } else { + if (QuerySection->Type == DNS_TYPE_AAAA && Dns6TokenEntry->Token->RspData.H2AData != NULL) { + if (Dns6TokenEntry->Token->RspData.H2AData->IpList != NULL) { + FreePool (Dns6TokenEntry->Token->RspData.H2AData->IpList); + } + + FreePool (Dns6TokenEntry->Token->RspData.H2AData); + } + } + } + + if (Dns4CacheEntry != NULL) { + if (Dns4CacheEntry->HostName != NULL) { + FreePool (Dns4CacheEntry->HostName); + } + + if (Dns4CacheEntry->IpAddress != NULL) { + FreePool (Dns4CacheEntry->IpAddress); + } + + FreePool (Dns4CacheEntry); + } + + if (Dns6CacheEntry != NULL) { + if (Dns6CacheEntry->HostName != NULL) { + FreePool (Dns6CacheEntry->HostName); + } + + if (Dns6CacheEntry->IpAddress != NULL) { + FreePool (Dns6CacheEntry->IpAddress); + } + + FreePool (Dns6CacheEntry); + } + } + gBS->RestoreTPL (OldTpl); return Status; } /** @@ -2051,10 +2156,13 @@ DnsOnTimerUpdate ( Entry = mDriverData->Dns4CacheList.ForwardLink; while (Entry != &mDriverData->Dns4CacheList) { Item4 = NET_LIST_USER_STRUCT (Entry, DNS4_CACHE, AllCacheLink); if (Item4->DnsCache.Timeout == 0) { RemoveEntryList (&Item4->AllCacheLink); + FreePool (Item4->DnsCache.HostName); + FreePool (Item4->DnsCache.IpAddress); + FreePool (Item4); Entry = mDriverData->Dns4CacheList.ForwardLink; } else { Entry = Entry->ForwardLink; } } @@ -2070,10 +2178,13 @@ DnsOnTimerUpdate ( Entry = mDriverData->Dns6CacheList.ForwardLink; while (Entry != &mDriverData->Dns6CacheList) { Item6 = NET_LIST_USER_STRUCT (Entry, DNS6_CACHE, AllCacheLink); if (Item6->DnsCache.Timeout == 0) { RemoveEntryList (&Item6->AllCacheLink); + FreePool (Item6->DnsCache.HostName); + FreePool (Item6->DnsCache.IpAddress); + FreePool (Item6); Entry = mDriverData->Dns6CacheList.ForwardLink; } else { Entry = Entry->ForwardLink; } } -- 1.9.5.msysgit.1