From: "Gao, Zhichao" <zhichao.gao@intel.com>
To: devel@edk2.groups.io
Cc: Jian J Wang <jian.j.wang@intel.com>,
Hao A Wu <hao.a.wu@intel.com>, Ray Ni <ray.ni@intel.com>,
Star Zeng <star.zeng@intel.com>
Subject: [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check
Date: Tue, 25 Jun 2019 11:22:49 +0800 [thread overview]
Message-ID: <20190625032249.28116-1-zhichao.gao@intel.com> (raw)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1935
Before use the memory that is allocated through AllocateZeroPool,
we should check the memory pointer is valid to avoid using the
NULL pointer.
Add check for VariableArrayAddress that is returned from
GetScatterGatherHeadEntries. If it is NULL, directly return
the error status.
Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
MdeModulePkg/Universal/CapsulePei/UefiCapsule.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
index 8d4ae69bb2..51afab7b05 100644
--- a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
+++ b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
@@ -965,6 +965,10 @@ GetScatterGatherHeadEntries (
//
if ((ValidIndex + 1) >= TempListLength) {
EnlargedTempList = AllocateZeroPool (TempListLength * 2);
+ if (EnlargedTempList == NULL) {
+ DEBUG ((DEBUG_ERROR, "Fail to allocate memory!\n"));
+ return EFI_OUT_OF_RESOURCES;
+ }
CopyMem (EnlargedTempList, TempList, TempListLength);
FreePool (TempList);
TempList = EnlargedTempList;
@@ -1056,7 +1060,7 @@ CapsuleCoalesce (
// Get SG list entries
//
Status = GetScatterGatherHeadEntries (&ListLength, &VariableArrayAddress);
- if (EFI_ERROR (Status)) {
+ if (EFI_ERROR (Status) || VariableArrayAddress == NULL) {
DEBUG ((DEBUG_ERROR, "%a failed to get Scatter Gather List Head Entries. Status = %r\n", __FUNCTION__, Status));
goto Done;
}
--
2.21.0.windows.1
next reply other threads:[~2019-06-25 3:22 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2019-06-25 3:22 Gao, Zhichao [this message]
2019-06-25 6:53 ` [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check Wu, Hao A
2019-06-26 8:10 ` [edk2-devel] " Wu, Hao A
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20190625032249.28116-1-zhichao.gao@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox