From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id D69E8780B6B for ; Tue, 29 Aug 2023 08:01:25 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=1fC3NMGZOYwnSOHbg3ybRyWNWEGpNY3YYnOoAO9du3g=; c=relaxed/simple; d=groups.io; h=From:To:Cc:Subject:Date:Message-Id:In-Reply-To:References:MIME-Version:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Transfer-Encoding; s=20140610; t=1693296083; v=1; b=GbC/3RRZkK6ZBfRQcqv/S3RdNpFNn6vssa/4z4qSdlV46EnbNu+ItfRFvsAkWhKmTjZe8hPR veElNMuURXINIIazHydDDy7ICeDa05U3XmjfYLe5DsirVFE2am6iKzof00GmZDzarxWUMQIR2Xb /jKitZyU3pKoTbQk4m1w+aDc= X-Received: by 127.0.0.2 with SMTP id KjuDYY7687511xvvEAV10Nc5; Tue, 29 Aug 2023 01:01:23 -0700 X-Received: from mail-lj1-f179.google.com (mail-lj1-f179.google.com [209.85.208.179]) by mx.groups.io with SMTP id smtpd.web11.12654.1693296082114030428 for ; Tue, 29 Aug 2023 01:01:22 -0700 X-Received: by mail-lj1-f179.google.com with SMTP id 38308e7fff4ca-2bd0bc8b429so30822281fa.2 for ; Tue, 29 Aug 2023 01:01:21 -0700 (PDT) X-Gm-Message-State: aQBIPg3LLPoaqRX9zESRI2jtx7686176AA= X-Google-Smtp-Source: AGHT+IHOcq0a/RcNwj+X59r7Q3tXoHLoHkKoPjoaKDBiRn6R28LF+bCaGLTB/IxyEDvUa4a1gq26Zg== X-Received: by 2002:a2e:3812:0:b0:2bc:b8f5:aaf1 with SMTP id f18-20020a2e3812000000b002bcb8f5aaf1mr17589945lja.35.1693296080037; Tue, 29 Aug 2023 01:01:20 -0700 (PDT) X-Received: from localhost.localdomain ([79.164.221.98]) by smtp.gmail.com with ESMTPSA id h10-20020a2e900a000000b002ba130e9a29sm2077325ljg.76.2023.08.29.01.01.19 (version=TLS1_3 cipher=TLS_CHACHA20_POLY1305_SHA256 bits=256/256); Tue, 29 Aug 2023 01:01:19 -0700 (PDT) From: "Mike Maslenkin" To: devel@edk2.groups.io Cc: abner.chang@amd.com, nicklew@nvidia.com, igork@ami.com, Mike Maslenkin Subject: [edk2-devel] [PATCH v2 2/6] RedfishClientPkg: fix access to uninitialized variable Date: Tue, 29 Aug 2023 11:01:08 +0300 Message-Id: <20230829080112.12748-3-mike.maslenkin@gmail.com> In-Reply-To: <20230829080112.12748-1-mike.maslenkin@gmail.com> References: <20230829080112.12748-1-mike.maslenkin@gmail.com> MIME-Version: 1.0 Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,mike.maslenkin@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Transfer-Encoding: quoted-printable X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b="GbC/3RRZ"; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io This patch fixes access to uninitialized variable, causing ASSERT from FreePool at least. Before this patch RedfishSettingsResponse was initialized by GetResourceByUri under 'if (JsonValue !=3D NULL)' condition. But freed under 'if (Private->Payload !=3D NULL)' condition. Thus uninitialized pointers caused ASSERT on attempt to free memory. Signed-off-by: Mike Maslenkin --- RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c b/RedfishC= lientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c index e7ac8779581c..f5562fb49cab 100644 --- a/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c +++ b/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c @@ -128,6 +128,8 @@ RedfishResourceConsumeResource ( return Status;=0D }=0D =0D + ZeroMem (&RedfishSettingsResponse, sizeof (REDFISH_RESPONSE));=0D +=0D ExpectedResponse =3D &Response;=0D RedfishSettingsUri =3D NULL;=0D JsonValue =3D RedfishJsonInPayload (Response.Payload);=0D --=20 2.32.0 (Apple Git-132) -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108080): https://edk2.groups.io/g/devel/message/108080 Mute This Topic: https://groups.io/mt/101027004/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-