From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) by mx.groups.io with SMTP id smtpd.web09.258.1571627533066568932 for ; Sun, 20 Oct 2019 20:12:13 -0700 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 192.55.52.43, mailfrom: liming.gao@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Oct 2019 20:12:12 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.67,322,1566889200"; d="scan'208";a="280841376" Received: from fmsmsx106.amr.corp.intel.com ([10.18.124.204]) by orsmga001.jf.intel.com with ESMTP; 20 Oct 2019 20:12:12 -0700 Received: from fmsmsx152.amr.corp.intel.com (10.18.125.5) by FMSMSX106.amr.corp.intel.com (10.18.124.204) with Microsoft SMTP Server (TLS) id 14.3.439.0; Sun, 20 Oct 2019 20:12:12 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX152.amr.corp.intel.com (10.18.125.5) with Microsoft SMTP Server (TLS) id 14.3.439.0; Sun, 20 Oct 2019 20:12:11 -0700 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.166]) by SHSMSX152.ccr.corp.intel.com ([10.239.6.52]) with mapi id 14.03.0439.000; Mon, 21 Oct 2019 11:12:11 +0800 From: "Liming Gao" To: "Marvin.Haeuser@outlook.com" , "devel@edk2.groups.io" CC: "vit9696@protonmail.com" , "Kinney, Michael D" Subject: Re: [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference Thread-Topic: [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference Thread-Index: AQHVhz8WsmCsVfRgHEG2TcYkLyIZbqdkbCiQ Date: Mon, 21 Oct 2019 03:12:11 +0000 Message-ID: <4A89E2EF3DFEDB4C8BFDE51014F606A14E51F6CD@SHSMSX104.ccr.corp.intel.com> References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Return-Path: liming.gao@intel.com Content-Language: en-US Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Reviewed-by: Liming Gao >-----Original Message----- >From: Marvin H=E4user [mailto:Marvin.Haeuser@outlook.com] >Sent: Sunday, October 20, 2019 8:09 PM >To: devel@edk2.groups.io >Cc: vit9696@protonmail.com; Kinney, Michael D >; Gao, Liming >Subject: [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference > >From: Marvin Haeuser > >REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D2293 > >Move the NULL check in FileHandleGetInfo() to directly after the >allocation to prevent potential NULL dereferences. > >Cc: Michael D Kinney >Cc: Liming Gao >Signed-off-by: Marvin Haeuser >--- > MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 28 +++++++++++---- >----- > 1 file changed, 15 insertions(+), 13 deletions(-) > >diff --git a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >index 96913c5c02b8..5dc893833a46 100644 >--- a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >+++ b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >@@ -68,19 +68,21 @@ FileHandleGetInfo ( > // error is expected. getting size to allocate > > // > > FileInfo =3D AllocateZeroPool(FileInfoSize); > >- // > >- // now get the information > >- // > >- Status =3D FileHandle->GetInfo(FileHandle, > >- &gEfiFileInfoGuid, > >- &FileInfoSize, > >- FileInfo); > >- // > >- // if we got an error free the memory and return NULL > >- // > >- if (EFI_ERROR(Status) && (FileInfo !=3D NULL)) { > >- FreePool(FileInfo); > >- FileInfo =3D NULL; > >+ if (FileInfo !=3D NULL) { > >+ // > >+ // now get the information > >+ // > >+ Status =3D FileHandle->GetInfo(FileHandle, > >+ &gEfiFileInfoGuid, > >+ &FileInfoSize, > >+ FileInfo); > >+ // > >+ // if we got an error free the memory and return NULL > >+ // > >+ if (EFI_ERROR(Status)) { > >+ FreePool(FileInfo); > >+ FileInfo =3D NULL; > >+ } > > } > > } > > return (FileInfo); > >-- >2.23.0.windows.1