From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from NAM12-MW2-obe.outbound.protection.outlook.com (NAM12-MW2-obe.outbound.protection.outlook.com [40.107.244.80]) by mx.groups.io with SMTP id smtpd.web11.179018.1672225254540453788 for ; Wed, 28 Dec 2022 03:00:55 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@ami.com header.s=selector1 header.b=LEjsfKbn; spf=pass (domain: ami.com, ip: 40.107.244.80, mailfrom: kalaivanip@ami.com) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EaufbsbWIyvuBlqvBQuh0HKHRAHlP7BL20hOC6C+jLgOBDdMd3nnr9KJcAEpDZ7uMVKZZ6jeJEBR30uNYowQsBwMIWt9BFotMM/xi0jjU9/RHyf25TXroICazi62Md7YXawhfWUZ7OJ2TehPGvetoxPkouozegD/Lg89A8Z9FEig3jbiiZ4/cRGs9cpnI1qXkRGgFfJyGlP9KBJKsfplTLpeAw3cPfEOz7VQTbKb+gTXhCOju4nA7Kw9y5E8MDSCt19pZGHejXXnEFaEIsQ/CkOK3Yh5vI1FeKBMwV73pn2scIJ60EvzOtfSgso6SJQXvzKwLzxunRHYdMspPbnaNg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=hzXsQOASkRrxdeRiAQzzt9tDd9YQAhhWh0bEiRsJJTc=; b=NgNnZzRe8LzJS3ewt+BeWxEFsJ41nqoYQXSQ1fSnIsZkrIC7pWpBetI7bXks/b8hVQ4jp3X1/0Xfcr/+3elNIVYazrleJSYIMd/+1yiKciAIJTCEOP8USPUs7aROA/f74UU6X0ZDY1tLiyPyO/9chuTiqulAhlt6ADunp/iSmbN8wCfPhjF6qDUoolpyrgnnyYQw3JlqLbcn77qWxQH2UKcacXDrTJK3LLm8V8wGIATFw4FkV4UMboQzVQOl2VvZl4+/HS0oR1upw3+6rV3qFGELsXZpO+QJ+62UZCFhwI8itcDSlilrjsGkMdDh50CDGzy+xZFd54x7GUZ3+a3+yQ== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ami.com; dmarc=pass action=none header.from=ami.com; dkim=pass header.d=ami.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ami.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=hzXsQOASkRrxdeRiAQzzt9tDd9YQAhhWh0bEiRsJJTc=; b=LEjsfKbnEGky1mSeeaAa+G9TXIU2qjeVi8o7DlzNzwyVyhdHKOiDSCImXW5DYEufUFTbABsULr1Q2w/qK5I+McmpIHpO1XLacQPFJa4T+JX0ppChhZKiB4IRlOaxa7lg6CyYtIGT/sYEsCQlce7IGWHbuXrbjIb3ynKe8mNeau8= Received: from PH7PR10MB5831.namprd10.prod.outlook.com (2603:10b6:510:132::19) by SA1PR10MB6591.namprd10.prod.outlook.com (2603:10b6:806:2bb::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5944.16; Wed, 28 Dec 2022 11:00:50 +0000 Received: from PH7PR10MB5831.namprd10.prod.outlook.com ([fe80::bb96:1f98:17f7:c105]) by PH7PR10MB5831.namprd10.prod.outlook.com ([fe80::bb96:1f98:17f7:c105%3]) with mapi id 15.20.5944.014; Wed, 28 Dec 2022 11:00:50 +0000 From: "Kalaivani P" To: "devel@edk2.groups.io" , Kalaivani P CC: Sundaresan S , Srinivasan Mani , Arun K Subject: [PATCH] ShellPkg: Multiple Coverity issues were found from EDK2 ShellPkg. Thread-Topic: [PATCH] ShellPkg: Multiple Coverity issues were found from EDK2 ShellPkg. Thread-Index: AQHZGqulwPj9uGTeCE+z0/vj1DCKmg== Date: Wed, 28 Dec 2022 11:00:50 +0000 Message-ID: <20221228105922.294-1-kalaivanip@ami.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ami.com; x-ms-publictraffictype: Email x-ms-traffictypediagnostic: PH7PR10MB5831:EE_|SA1PR10MB6591:EE_ x-ms-office365-filtering-correlation-id: 74d345c3-a939-43ba-b20a-08dae8c2c825 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: rtHbmqAwHpQ59FliI09OSgvvnS8i+CRauInG/9wqpelhdcMZ8RRdQ4+Qb15xdIeaJhfwTbkqIrqKn0Rgs+AWwMEi7DT5XS2u+tmDROmFnpHng//d/rvfP4SwEuO5jeQtfV0Ti7Ahy75tQmMiOghVbAwOUUqirm7pzm/L1hB+3+kxYmgMk51QYVmvJ4TGVCHRAV4z7e3vweK6Jfv9vPbHiBgvK5XKBZNObQZaXch+0urTxoTcUf5c1GxsJtY30YC/59Onum8NjisMoz8S3TBii00IM3y71s1Tfh97fsvBMuEDHENf6nfpHPnY3GWm174tVSn2+EoBq3FiNKnh7j4OhLUfyzdLe0iJX4gcMmEGPhlBV8fRSmczio9CVqo+TPrZ7j0EGdjYe+ToT/IT8yEVBm09RUxEROAjTlEHAO+o4IePDJhrT7TGXKtI3x/1rjv8F9MeJPhRrq6brS3iGeft17zhVdgjcoE0EDBA3kjj5ZC5QbuZvBNm/+WQuh7gAtH3IughwWrQgVEXadlIWunNHqOTf4rL578R1xhq+v4AHcQ+RZIoMINBliCsgKr1smEdjDVwubouvlGUB3E5+8YbKZoQNTxHfMOn0LmU3eUUEjbQMx4KELhgXrKSS6ZfeFoOHUcUPp/dN348vjrSY4VKpDIQ/gYGVRplzXnSkWgrf8ELdtvUysLtzipndr8ZKJ1lO7/HEVdnmLEwTb1g4wQYfPlmuVQJn+OaBzE+uMWYDYsJk7Dvp5YxhKWpobJ33oe7FHGwsU7TcSeUG/MBlVzDDA== x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:PH7PR10MB5831.namprd10.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230022)(4636009)(396003)(376002)(366004)(346002)(136003)(39850400004)(451199015)(83380400001)(86362001)(38070700005)(122000001)(2906002)(38100700002)(8936002)(41300700001)(5660300002)(7049001)(6506007)(478600001)(6486002)(1076003)(2616005)(55236004)(26005)(91956017)(76116006)(6512007)(186003)(4326008)(8676002)(316002)(71200400001)(66556008)(54906003)(110136005)(66946007)(66476007)(66446008)(64756008)(36756003)(40140700001)(403724002);DIR:OUT;SFP:1101; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?iso-8859-1?Q?ME2aLOzQPgVlczt82wZ+NmgGheCiLaN9twBdnEAZe1aHGjxdkwtJ3Iogix?= =?iso-8859-1?Q?LJyVenSfcMdU2KaX/eKN1at0SMEIA6P1Kn48iJ9y6Ea9m8tWEAj3+n6e/f?= =?iso-8859-1?Q?bUyEBdznJY7S8ZjtAV++AQN7HAtT53j9OSIAP+RZlunIofwsNSu55a6yZh?= =?iso-8859-1?Q?wk++yz8stgbOpjNC5edQdlmeQDEefC23DD3AGikt6A42z36Kb86JLlgmMW?= =?iso-8859-1?Q?RM1MzRH2h1yOyMNZmn/xovjWaPYynhpg72rU3fUm4JwF3r7I8LK6S5iXbT?= =?iso-8859-1?Q?yeCaysPti5XqrAtdwHfi8xCfeit/UV1F0GRNaVY0+S39ZEypgLIzJiHAbF?= =?iso-8859-1?Q?8xU6n9i84KZAMlz6GHEcsg7krbdH/m5LeC6YM+7/Dp5sYevGO1CPZ9JYtC?= =?iso-8859-1?Q?QcS0KUK6AQ3dqZAAWvUIGQEd8ONFDgRTJKiDVz7TiS4dim7M3KY3TkHMQx?= =?iso-8859-1?Q?GZy/mA981tF9KEfxtv8ADmfRkXBPCavqX8J9pL2l0f4LrQNiwe8yMNq7Fc?= =?iso-8859-1?Q?urC7m02SvAzVlaX5gffIopr4s9yb4ckZVY7VUZHAXOh2gMvUx1QS/f3o0m?= =?iso-8859-1?Q?LAtetLziK+M1JJisX4q11SrijEfhc/ag98P6dbdpX9CbThvnxb6OGkprQY?= =?iso-8859-1?Q?So8lkUpywSmjCcywpCyuna+IDX3TikYFXjDImT7vhU3k+aENsWiAKaT0D2?= =?iso-8859-1?Q?+ZUcH7ocwig0zUjR+JlpB6bIf1NfZIKp+vNQVPDKidwXDTaXldYIAv29Rz?= =?iso-8859-1?Q?NCvQLIEs4MdRqsEdlsEBFcjkJakaCZ7pqs1G+TH1P/l3tH7L9PvRx7YRm5?= =?iso-8859-1?Q?WVuSzttDxurnGfBiOCzZ14aE5p8/IRkK3j7uezsrtNBHRTbU4FUnW5bDj1?= =?iso-8859-1?Q?nvefLc9pcMlCGbk6c8DsmdkCeHaLK7n64WhJFkuPRJ/s5bi04EaFXem0iU?= =?iso-8859-1?Q?BwohWAcCahY9g3eOC9dEMBI3PBSBwy0IcScceKXzRfTxR52YW2yk3QJxAp?= =?iso-8859-1?Q?V1wbyLJQlbjWH/lZX6lBVVWygTg19ZI2LFjOyhlq57dQP52QJWbzqawFsX?= =?iso-8859-1?Q?LfwJMKOk3+ojUGHM3oUFduk/isIS6Wew2xArEOK188DZiS92CsgeDpUYxX?= =?iso-8859-1?Q?nHEq/a9eXotK4ci24WdIh2Mkngf3dLWTn8gMgFm6H1/XygnnMFHDiean6r?= =?iso-8859-1?Q?wyYWDXwXJtQjJdQif2BWvip2sZI9SEN7OOF1zS2mmxpE1VU30G1FIQKPIE?= =?iso-8859-1?Q?BQBc66SRWO8I576cz85m0XsvBayCmala2lv49bYQ7wn7q826qcJ+m/8dRf?= =?iso-8859-1?Q?szbatT4naqst46eTrS39IhnbjuV2sfhQyujJGiY/juj2DCi/HxJbi98kI/?= =?iso-8859-1?Q?tHwTOqdjIPjWByIPoQGxRN6hiMs8dd72a8X2ZBNHCw+7ZdjWSjDncydlDZ?= =?iso-8859-1?Q?mExzEwocFV4O7J8vGpBcT/dCoOfG0tcdgeBBspyudMzf0WyXBQkXW+o2bO?= =?iso-8859-1?Q?82CR5Sh1vceR+Md+6Ux3W5rHKbz8TauRxxi1DkfIRK1TO+bVnFuXHUUXmu?= =?iso-8859-1?Q?VQYYeOwBp3rK2ZAANjUrC87sweliZ8IOPLVx+tOEzu8nV6lCVnAGImoSRd?= =?iso-8859-1?Q?FiQ48EsBSNOu2SJn3tBt09UORDHvPW8eTk?= MIME-Version: 1.0 X-OriginatorOrg: ami.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: PH7PR10MB5831.namprd10.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: 74d345c3-a939-43ba-b20a-08dae8c2c825 X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Dec 2022 11:00:50.4934 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 27e97857-e15f-486c-b58e-86c2b3040f93 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: HQBbNYlCQLdLt0P7ra19MIBL562KBmmX8gzhqEghJGUVx7Kd15t/g5UTlMBN6OAF4FsFMNuIM1Ipz+Yfoe0l4w== X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA1PR10MB6591 Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Attached is the report for Coverity issues identified in ShellPkg based on edk2-stable202205. Cc: Srinivasan Mani Cc: Sundaresan Selvaraj Cc: Arun k Signed-off-by: Kalaivani P --- ShellPkg/Application/Shell/ShellProtocol.c | 5 ++++- ShellPkg/Library/UefiShellLib/UefiShellLib.c | 11 ++++++++--- 2 files changed, 12 insertions(+), 4 deletions(-) diff --git a/ShellPkg/Application/Shell/ShellProtocol.c b/ShellPkg/Applicat= ion/Shell/ShellProtocol.c index e6d20ab164..e4ac7f9554 100644 --- a/ShellPkg/Application/Shell/ShellProtocol.c +++ b/ShellPkg/Application/Shell/ShellProtocol.c @@ -4,6 +4,7 @@ (C) Copyright 2014 Hewlett-Packard Development Company, L.P.
(C) Copyright 2016 Hewlett Packard Enterprise Development LP
+ Copyright (c) 1985 - 2022, American Megatrends International LLC.
Copyright (c) 2009 - 2018, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -2524,7 +2525,9 @@ ShellSearchHandle ( EfiShellClose (ShellInfoNode->Handle); ShellInfoNode->Handle =3D NULL; } - } else if (!EFI_ERROR (Status)) { + + } else if (!EFI_ERROR (Status) && (ShellInfoNode->FullName !=3D= NULL)) { + // // should be a file // diff --git a/ShellPkg/Library/UefiShellLib/UefiShellLib.c b/ShellPkg/Librar= y/UefiShellLib/UefiShellLib.c index a72767bd86..fd76da8ea5 100644 --- a/ShellPkg/Library/UefiShellLib/UefiShellLib.c +++ b/ShellPkg/Library/UefiShellLib/UefiShellLib.c @@ -3,6 +3,7 @@ (C) Copyright 2016 Hewlett Packard Enterprise Development LP
Copyright 2016-2018 Dell Technologies.
+ Copyright (c) 1985 - 2022, American Megatrends International LLC.
Copyright (c) 2006 - 2019, Intel Corporation. All rights reserved.
SPDX-License-Identifier: BSD-2-Clause-Patent @@ -1761,6 +1762,9 @@ ShellCloseFileMetaArg ( // ASSERT that ListHead is not NULL // ASSERT (ListHead !=3D NULL); + if (ListHead =3D=3D NULL) { + return (SHELL_INVALID_PARAMETER); + } // // Check for UEFI Shell 2.0 protocols @@ -4377,9 +4381,10 @@ ShellFileHandleReadLine ( return (EFI_INVALID_PARAMETER); } - if (Buffer =3D=3D NULL) { - ASSERT (*Size =3D=3D 0); - } else { + if ((Buffer =3D=3D NULL) && (*Size !=3D 0)) { + return EFI_INVALID_PARAMETER; + } + else { *Buffer =3D CHAR_NULL; } -- 2.36.0.windows.1 -The information contained in this message may be confidential and propriet= ary to American Megatrends (AMI). This communication is intended to be read= only by the individual or entity to whom it is addressed or by their desig= nee. If the reader of this message is not the intended recipient, you are o= n notice that any distribution of this message, in any form, is strictly pr= ohibited. Please promptly notify the sender by reply e-mail or by telephone= at 770-246-8600, and then delete or destroy all copies of the transmission= .