From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <liming.gao@intel.com>
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id D62B91A1E3E
 for <edk2-devel@lists.01.org>; Thu, 29 Sep 2016 22:36:56 -0700 (PDT)
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
 by fmsmga103.fm.intel.com with ESMTP; 29 Sep 2016 22:36:56 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,418,1473145200"; d="scan'208";a="14813035"
Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205])
 by fmsmga006.fm.intel.com with ESMTP; 29 Sep 2016 22:36:56 -0700
Received: from fmsmsx122.amr.corp.intel.com (10.18.125.37) by
 fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Thu, 29 Sep 2016 22:36:56 -0700
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 fmsmsx122.amr.corp.intel.com (10.18.125.37) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Thu, 29 Sep 2016 22:36:56 -0700
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.15]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.118]) with mapi id 14.03.0248.002;
 Fri, 30 Sep 2016 13:36:53 +0800
From: "Gao, Liming" <liming.gao@intel.com>
To: "Ni, Ruiyu" <ruiyu.ni@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
Thread-Topic: [PATCH] MdeModulePkg/HiiDataBase: Fix NULL deference bug in
 HiiGetImageInfo
Thread-Index: AQHSGtN+aj+PI6vtz0a9NGOskLjstaCRg5VA
Date: Fri, 30 Sep 2016 05:36:52 +0000
Message-ID: <4A89E2EF3DFEDB4C8BFDE51014F606A14B47F035@shsmsx102.ccr.corp.intel.com>
References: <20160930043113.541636-1-ruiyu.ni@intel.com>
In-Reply-To: <20160930043113.541636-1-ruiyu.ni@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH] MdeModulePkg/HiiDataBase: Fix NULL deference bug in HiiGetImageInfo
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Sep 2016 05:36:57 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Signed-off-by: Liming Gao <liming.gao@intel.com>

> -----Original Message-----
> From: Ni, Ruiyu
> Sent: Friday, September 30, 2016 12:31 PM
> To: edk2-devel@lists.01.org
> Cc: Gao, Liming <liming.gao@intel.com>
> Subject: [PATCH] MdeModulePkg/HiiDataBase: Fix NULL deference bug in
> HiiGetImageInfo
>=20
> The return value of GetImageIdOrAddress() could be NULL if the
> ImageId is invalid. The patch fixes the bug to return EFI_NOT_FOUND
> when GetImageIdOrAddress() returns NULL.
>=20
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> ---
>  MdeModulePkg/Universal/HiiDatabaseDxe/ImageEx.c | 4 ++++
>  1 file changed, 4 insertions(+)
>=20
> diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ImageEx.c
> b/MdeModulePkg/Universal/HiiDatabaseDxe/ImageEx.c
> index 1e3f3bd..33dbc7d 100644
> --- a/MdeModulePkg/Universal/HiiDatabaseDxe/ImageEx.c
> +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ImageEx.c
> @@ -361,6 +361,10 @@ HiiGetImageInfo (
>    // Find the image block specified by ImageId
>    //
>    CurrentImageBlock =3D GetImageIdOrAddress (ImagePackage->ImageBlock,
> &ImageId);
> +  if (CurrentImageBlock =3D=3D NULL) {
> +    return EFI_NOT_FOUND;
> +  }
> +
>    switch (CurrentImageBlock->BlockType) {
>    case EFI_HII_IIBT_IMAGE_JPEG:
>    case EFI_HII_IIBT_IMAGE_PNG:
> --
> 2.9.0.windows.1