From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.120; helo=mga04.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 083E421B02822 for ; Tue, 6 Nov 2018 23:12:56 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Nov 2018 23:12:55 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.54,474,1534834800"; d="scan'208";a="278997492" Received: from shwdeopenpsi777.ccr.corp.intel.com ([10.239.158.27]) by fmsmga006.fm.intel.com with ESMTP; 06 Nov 2018 23:12:54 -0800 From: Jian J Wang To: edk2-devel@lists.01.org Cc: Star Zeng , Jiewen Yao , Ruiyu Ni , Leif Lindholm Date: Wed, 7 Nov 2018 15:12:47 +0800 Message-Id: <20181107071248.6340-2-jian.j.wang@intel.com> X-Mailer: git-send-email 2.16.2.windows.1 In-Reply-To: <20181107071248.6340-1-jian.j.wang@intel.com> References: <20181107071248.6340-1-jian.j.wang@intel.com> Subject: [PATCH v3 1/2] MdeModulePkg/Core: fill logic hole in MemoryProtectionCpuArchProtocolNotify X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 07 Nov 2018 07:12:56 -0000 > v3: fixed one more memory leak in the same function and updated > commit message accordingly. At the end of of MemoryProtectionCpuArchProtocolNotify there's cleanup code to free resource. But at line 978, 994, 1005 the function returns directly. This patch use "goto" to replace "return" to make sure the resource is freed before exit. 1029: CoreCloseEvent (Event); 1030: return; There's another memory leak after calling gBS->LocateHandleBuffer() in the same function: Status = gBS->LocateHandleBuffer ( ByProtocol, &gEfiLoadedImageProtocolGuid, NULL, &NoHandles, &HandleBuffer ); HandleBuffer is allocated in above call but never freed. This patch will also add code to free it. Cc: Star Zeng Cc: Jiewen Yao Cc: Ruiyu Ni Cc: Leif Lindholm Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang --- MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c index 6298b67db1..8a93c5362a 100644 --- a/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c +++ b/MdeModulePkg/Core/Dxe/Misc/MemoryProtection.c @@ -975,7 +975,7 @@ MemoryProtectionCpuArchProtocolNotify ( DEBUG ((DEBUG_INFO, "MemoryProtectionCpuArchProtocolNotify:\n")); Status = CoreLocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID **)&gCpu); if (EFI_ERROR (Status)) { - return; + goto Done; } // @@ -991,7 +991,7 @@ MemoryProtectionCpuArchProtocolNotify ( HeapGuardCpuArchProtocolNotify (); if (mImageProtectionPolicy == 0) { - return; + goto Done; } Status = gBS->LocateHandleBuffer ( @@ -1002,7 +1002,7 @@ MemoryProtectionCpuArchProtocolNotify ( &HandleBuffer ); if (EFI_ERROR (Status) && (NoHandles == 0)) { - return ; + goto Done; } for (Index = 0; Index < NoHandles; Index++) { @@ -1025,9 +1025,10 @@ MemoryProtectionCpuArchProtocolNotify ( ProtectUefiImage (LoadedImage, LoadedImageDevicePath); } + FreePool (HandleBuffer); +Done: CoreCloseEvent (Event); - return; } /** -- 2.16.2.windows.1