public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: Kalaivani P <kalaivanip@ami.com>
To: "devel@edk2.groups.io" <devel@edk2.groups.io>,
	Kalaivani P <kalaivanip@ami.com>
Cc: Sundaresan S <sundaresans@ami.com>,
	Vasudevan S <vasudevans@ami.com>, Arun K <arunk@ami.com>
Subject: [PATCH] Multiple Coverity issues were found from EDK2 ShellPkg
Date: Tue, 22 Nov 2022 12:34:04 +0000	[thread overview]
Message-ID: <20221122122806.1732-1-kalaivanip@ami.com> (raw)

 Attached is the report for Coverity issues identified in ShellPkg
 based on edk2-stable202205.

 Cc: Vasudevan Sambandan <vasudevans@ami.com>
 Cc: Sundaresan Selvaraj <sundaresans@ami.com>
 Cc: Arun k <arunk@ami.com>
 Signed-off-by: kalaivani P <kalaivanip@ami.com>
---
 ShellPkg/Application/Shell/ShellManParser.c   | 14 ++++++++-
 ShellPkg/Application/Shell/ShellProtocol.c    |  9 +++++-
 .../Library/UefiShellDebug1CommandsLib/Dblk.c | 12 +++++--
 .../HexEdit/BufferImage.c                     | 18 +++++++++--
 .../HexEdit/FileImage.c                       | 14 ++++++++-
 .../UefiShellDriver1CommandsLib/DrvCfg.c      |  9 +++++-
 .../Library/UefiShellLevel1CommandsLib/For.c  | 12 +++++++
 .../Library/UefiShellLevel1CommandsLib/If.c   | 12 +++++++
 .../Library/UefiShellLevel2CommandsLib/Vol.c  | 13 +++++++-
 .../Library/UefiShellLevel3CommandsLib/Help.c | 13 +++++++-
 ShellPkg/Library/UefiShellLib/UefiShellLib.c  | 31 ++++++++++++++++---
 11 files changed, 141 insertions(+), 16 deletions(-)

diff --git a/ShellPkg/Application/Shell/ShellManParser.c b/ShellPkg/Application/Shell/ShellManParser.c
index 5c823cd7f5..7310601231 100644
--- a/ShellPkg/Application/Shell/ShellManParser.c
+++ b/ShellPkg/Application/Shell/ShellManParser.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Provides interface to shell MAN file parser.



@@ -601,7 +608,12 @@ ProcessManFile (
   if (TempString != NULL) {

     FileHandle = ConvertEfiFileProtocolToShellHandle (CreateFileInterfaceMem (TRUE), NULL);

     HelpSize   = StrLen (TempString) * sizeof (CHAR16);

-    ShellWriteFile (FileHandle, &HelpSize, TempString);

+    //*** AMI PORTING BEGIN ***//

+    Status = ShellWriteFile (FileHandle, &HelpSize, TempString);

+    if (EFI_ERROR (Status)) {

+      return Status;

+    }

+    //*** AMI PORTING END ***//

     ShellSetFilePosition (FileHandle, 0);

     HelpSize  = 0;

     BriefSize = 0;

diff --git a/ShellPkg/Application/Shell/ShellProtocol.c b/ShellPkg/Application/Shell/ShellProtocol.c
index 509eb60e40..c106bcd49d 100644
--- a/ShellPkg/Application/Shell/ShellProtocol.c
+++ b/ShellPkg/Application/Shell/ShellProtocol.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Member functions of EFI_SHELL_PROTOCOL and functions for creation,

   manipulation, and initialization of EFI_SHELL_PROTOCOL.

@@ -2518,7 +2525,7 @@ ShellSearchHandle (
               EfiShellClose (ShellInfoNode->Handle);

               ShellInfoNode->Handle = NULL;

             }

-          } else if (!EFI_ERROR (Status)) {

+          } else if (!EFI_ERROR (Status) && (ShellInfoNode->FullName == NULL)) {  // AMI OVERRIDE

             //

             // should be a file

             //

diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
index 97a4b57a93..d18126213f 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/Dblk.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Main file for Dblk shell Debug1 function.



@@ -45,8 +52,7 @@ DisplayTheBlocks (
   if (EFI_ERROR (Status)) {

     return (SHELL_NOT_FOUND);

   }

-

-  BufferSize = BlockIo->Media->BlockSize * BlockCount;

+  BufferSize = BlockIo->Media->BlockSize * (UINTN)BlockCount; // AMI OVERRIDE

   if (BlockIo->Media->IoAlign == 0) {

     BlockIo->Media->IoAlign = 1;

   }

@@ -55,7 +61,7 @@ DisplayTheBlocks (
     OriginalBuffer = AllocateZeroPool (BufferSize + BlockIo->Media->IoAlign);

     Buffer         = ALIGN_POINTER (OriginalBuffer, BlockIo->Media->IoAlign);

   } else {

-    ShellPrintEx (-1, -1, L"  BlockSize: 0x%08x, BlockCount: 0x%08x\r\n", BlockIo->Media->BlockSize, BlockCount);

+    ShellPrintEx (-1, -1, L"  BlockSize: 0x%08x, BlockCount: 0x%08x\r\n", BlockIo->Media->BlockSize,(UINTN)BlockCount); // AMI OVERRIDE

     OriginalBuffer = NULL;

     Buffer         = NULL;

   }

diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/BufferImage.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/BufferImage.c
index be77e31a40..7e55be3dae 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/BufferImage.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/BufferImage.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Defines HBufferImage - the view of the file that is visible at any point,

   as well as the event handlers for editing the file

@@ -2036,7 +2043,8 @@ HBufferImageAddCharacterToBuffer (
   UINTN  OldPos;



   UINTN  NewPos;

-

+  EFI_STATUS   Status;  // AMI OVERRIDE

+

   Size = HBufferImageGetTotalSize ();



   //

@@ -2083,10 +2091,14 @@ HBufferImageAddCharacterToBuffer (
   Size += Count;



   HBufferImageFreeLines ();

-

-  HBufferImageBufferToList (Buffer, Size);

+  Status = HBufferImageBufferToList (Buffer, Size);  //*** AMI PORTING ***//



   FreePool (Buffer);

+  //*** AMI PORTING BEGIN ***//

+  if (EFI_ERROR (Status)) {

+    return Status;

+  }

+  //*** AMI PORTING END ***//



   Link = HMainEditor.BufferImage->ListHead->ForwardLink;

   for (Index = 0; Index < (INTN)NewPos / 0x10; Index++) {

diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/FileImage.c b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/FileImage.c
index d8818dd958..b4e4a143c0 100644
--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/FileImage.c
+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/FileImage.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Functions to deal with file buffer.



@@ -245,6 +252,7 @@ HFileImageRead (
   @retval EFI_SUCCESS           The operation was successful.

   @retval EFI_OUT_OF_RESOURCES  A memory allocation failed.

   @retval EFI_LOAD_ERROR        A load error occurred.

+  @retval EFI_INVALID_PARAMETER FileName input parameter is NULL.

 **/

 EFI_STATUS

 HFileImageSave (

@@ -264,7 +272,11 @@ HFileImageSave (


   BufferTypeBackup        = HBufferImage.BufferType;

   HBufferImage.BufferType = FileTypeFileBuffer;

-

+ //*** AMI PORTING BEGIN ***//

+  if (FileName == NULL) {

+    return EFI_INVALID_PARAMETER;

+  }

+  //*** AMI PORTING END ***//

   //

   // if is the old file

   //

diff --git a/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvCfg.c b/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvCfg.c
index 9bbbb1444d..6bebf565f5 100644
--- a/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvCfg.c
+++ b/ShellPkg/Library/UefiShellDriver1CommandsLib/DrvCfg.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Main file for DrvCfg shell Driver1 function.



@@ -355,7 +362,7 @@ ConfigFromFile (
   }



   MainBuffer = AllocateZeroPool ((UINTN)MainBufferSize);

-  if (EFI_ERROR (Status)) {

+   if (MainBuffer == NULL) { // AMI OVERRIDE

     ShellPrintHiiEx (

       -1,

       -1,

diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c b/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c
index 8a6a940f28..f34acde353 100644
--- a/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c
+++ b/ShellPkg/Library/UefiShellLevel1CommandsLib/For.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Main file for endfor and for shell level 1 functions.



@@ -335,6 +342,11 @@ ShellCommandRunFor (


   CurrentScriptFile = ShellCommandGetCurrentScriptFile ();

   ASSERT (CurrentScriptFile != NULL);

+  //*** AMI PORTING BEGIN ***//

+  if (CurrentScriptFile == NULL) {

+    return (SHELL_DEVICE_ERROR);

+  }

+  //*** AMI PORTING END ***//



   if ((CurrentScriptFile->CurrentCommand != NULL) && (CurrentScriptFile->CurrentCommand->Data == NULL)) {

     FirstPass = TRUE;

diff --git a/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c b/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c
index b4a6966edb..2cbafef0d1 100644
--- a/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c
+++ b/ShellPkg/Library/UefiShellLevel1CommandsLib/If.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Main file for If and else shell level 1 function.



@@ -100,6 +107,11 @@ IsValidProfile (


   ProfilesString = ShellGetEnvironmentVariable (L"profiles");

   ASSERT (ProfilesString != NULL);

+  //*** AMI PORTING BEGIN ***//

+  if (ProfilesString == NULL) {

+    return FALSE;

+  }

+  //*** AMI PORTING END ***//

   TempLocation = StrStr (ProfilesString, String);

   if ((TempLocation != NULL) && (*(TempLocation-1) == L';') && (*(TempLocation+StrLen (String)) == L';')) {

     return (TRUE);

diff --git a/ShellPkg/Library/UefiShellLevel2CommandsLib/Vol.c b/ShellPkg/Library/UefiShellLevel2CommandsLib/Vol.c
index 8f7310c074..61470249f7 100644
--- a/ShellPkg/Library/UefiShellLevel2CommandsLib/Vol.c
+++ b/ShellPkg/Library/UefiShellLevel2CommandsLib/Vol.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Main file for vol shell level 2 function.



@@ -97,7 +104,11 @@ HandleVol (
   }



   ASSERT (SysInfo != NULL);

-

+  //*** AMI PORTING BEGIN ***//

+  if (SysInfo == NULL) {

+    return (SHELL_OUT_OF_RESOURCES);;

+  }

+ //*** AMI PORTING END ***//

   if (Delete) {

     *((CHAR16 *)SysInfo->VolumeLabel) = CHAR_NULL;

     SysInfo->Size                     = SIZE_OF_EFI_FILE_SYSTEM_INFO + StrSize (SysInfo->VolumeLabel);

diff --git a/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c b/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c
index 7f146bb9fb..21e62c9ee8 100644
--- a/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c
+++ b/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c
@@ -1,3 +1,10 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

 /** @file

   Main file for Help shell level 3 function.



@@ -117,7 +124,11 @@ CopyListOfCommandNames (
   )

 {

   CONST COMMAND_LIST  *Node;

-

+  //*** AMI PORTING BEGIN ***//

+  if (SourceList == NULL) {

+      return SHELL_INVALID_PARAMETER;;

+  }

+  //*** AMI PORTING END ***//

   for ( Node = (COMMAND_LIST *)GetFirstNode (&SourceList->Link)

         ; SourceList != NULL && !IsListEmpty (&SourceList->Link) && !IsNull (&SourceList->Link, &Node->Link)

         ; Node = (COMMAND_LIST *)GetNextNode (&SourceList->Link, &Node->Link)

diff --git a/ShellPkg/Library/UefiShellLib/UefiShellLib.c b/ShellPkg/Library/UefiShellLib/UefiShellLib.c
index a72767bd86..1746bbcb2d 100644
--- a/ShellPkg/Library/UefiShellLib/UefiShellLib.c
+++ b/ShellPkg/Library/UefiShellLib/UefiShellLib.c
@@ -1,3 +1,11 @@
+//***********************************************************************

+//*                                                                     *

+//*   Copyright (c) 1985-2022, American Megatrends International LLC.   *

+//*                                                                     *

+//*      All rights reserved. Subject to AMI licensing agreement.       *

+//*                                                                     *

+//***********************************************************************

+

 /** @file

   Provides interface to shell functionality for shell commands and applications.



@@ -1761,7 +1769,11 @@ ShellCloseFileMetaArg (
   // ASSERT that ListHead is not NULL

   //

   ASSERT (ListHead != NULL);

-

+  //*** AMI PORTING BEGIN ***//

+  if (ListHead == NULL) {

+    return (SHELL_INVALID_PARAMETER);

+  }

+  //*** AMI PORTING END ***//

   //

   // Check for UEFI Shell 2.0 protocols

   //

@@ -2221,6 +2233,10 @@ InternalCommandLineParse (
       if (CurrentItemPackage->Name == NULL) {

         ShellCommandLineFreeVarList (*CheckPackage);

         *CheckPackage = NULL;

+        //*** AMI PORTING BEGIN ***//

+        // Fixing memory leak here

+        SHELL_FREE_NON_NULL (CurrentItemPackage);

+        //*** AMI PORTING END ***//

         return (EFI_OUT_OF_RESOURCES);

       }



@@ -2323,6 +2339,10 @@ InternalCommandLineParse (
       if (CurrentItemPackage->Value == NULL) {

         ShellCommandLineFreeVarList (*CheckPackage);

         *CheckPackage = NULL;

+        //*** AMI PORTING BEGIN ***//

+        // Fixing memory leak here

+        SHELL_FREE_NON_NULL (CurrentItemPackage);

+        //*** AMI PORTING END ***//

         return (EFI_OUT_OF_RESOURCES);

       }



@@ -4377,9 +4397,12 @@ ShellFileHandleReadLine (
     return (EFI_INVALID_PARAMETER);

   }



-  if (Buffer == NULL) {

-    ASSERT (*Size == 0);

-  } else {

+  //*** AMI PORTING BEGIN ***//

+  if ((Buffer == NULL) || (*Size == 0)) {

+    return EFI_INVALID_PARAMETER;

+  }

+  //*** AMI PORTING END ***//

+  else {

     *Buffer = CHAR_NULL;

   }



--
2.36.0.windows.1
-The information contained in this message may be confidential and proprietary to American Megatrends (AMI). This communication is intended to be read only by the individual or entity to whom it is addressed or by their designee. If the reader of this message is not the intended recipient, you are on notice that any distribution of this message, in any form, is strictly prohibited. Please promptly notify the sender by reply e-mail or by telephone at 770-246-8600, and then delete or destroy all copies of the transmission.

             reply	other threads:[~2022-11-22 12:34 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-11-22 12:34 Kalaivani P [this message]
2022-11-22 16:52 ` [edk2-devel] [PATCH] Multiple Coverity issues were found from EDK2 ShellPkg Michael D Kinney
2022-11-25  7:56 ` kalaivanip

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20221122122806.1732-1-kalaivanip@ami.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox