From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1D3EA1A1DEB for ; Wed, 28 Sep 2016 19:51:45 -0700 (PDT) Received: from orsmga002.jf.intel.com ([10.7.209.21]) by fmsmga104.fm.intel.com with ESMTP; 28 Sep 2016 19:51:44 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.30,413,1470726000"; d="scan'208";a="1058054392" Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205]) by orsmga002.jf.intel.com with ESMTP; 28 Sep 2016 19:51:45 -0700 Received: from fmsmsx112.amr.corp.intel.com (10.18.116.6) by fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 28 Sep 2016 19:51:44 -0700 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by FMSMSX112.amr.corp.intel.com (10.18.116.6) with Microsoft SMTP Server (TLS) id 14.3.248.2; Wed, 28 Sep 2016 19:51:43 -0700 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.101]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.95]) with mapi id 14.03.0248.002; Thu, 29 Sep 2016 10:51:41 +0800 From: "Ni, Ruiyu" To: "Kinney, Michael D" , "edk2-devel@lists.01.org" CC: "Carsey, Jaben" Thread-Topic: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writing disk Thread-Index: AQHSGenP5raTR4NMu02owLl+mJXJO6CPxMRQ Date: Thu, 29 Sep 2016 02:51:41 +0000 Message-ID: <734D49CCEBEEF84792F5B80ED585239D58E0D0FA@SHSMSX104.ccr.corp.intel.com> References: <1475109500-13024-1-git-send-email-michael.d.kinney@intel.com> In-Reply-To: <1475109500-13024-1-git-send-email-michael.d.kinney@intel.com> Accept-Language: en-US, zh-CN X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYTA3NWQxZTUtZWJjMC00ZDgxLTg4NDQtYTFkNDE3YTQ3OGI5IiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IlVzcDZOVWNjcWJWS29aOW1leE9UZUJQaE5ITHJKQmd0bGRxWXZNZ0dma1U9In0= x-ctpclassification: CTP_IC x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writing disk X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 29 Sep 2016 02:51:45 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable I agree to use the same style of code as what the other functions do. Reviewed-by: Ruiyu Ni >-----Original Message----- >From: Kinney, Michael D >Sent: Thursday, September 29, 2016 8:38 AM >To: edk2-devel@lists.01.org >Cc: Carsey, Jaben ; Ni, Ruiyu >Subject: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writing di= sk > >The HDiskImageSave() function copies a device path using >DuplicateDevicePath() and passes that device path to >gBS->LocateDevicePath() that changes the value of the >device path pointer. When FreePool() is called with the >modified device path pointer, the FreePool() service >generates an ASSERT() because the signature for the pool >head can not be found. > >The function HDiskImageRead() immediately above >HDiskImageSave() has the correct algorithm that uses an >additional local variable called DupDevicePathForFree to >preserve the pointer to the allocated buffer so it can >be used in the call to FreePool(). > >Bug: > >Cc: Jaben Carsey >Cc: Ruiyu Ni >Contributed-under: TianoCore Contribution Agreement 1.0 >Signed-off-by: Michael Kinney >--- > ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > >diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage= .c >b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c >index a50b52f..bc74a4f 100644 >--- a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c >+++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c >@@ -343,6 +343,7 @@ HDiskImageSave ( > > CONST EFI_DEVICE_PATH_PROTOCOL *DevicePath; > EFI_DEVICE_PATH_PROTOCOL *DupDevicePath; >+ EFI_DEVICE_PATH_PROTOCOL *DupDevicePathForFree; > EFI_BLOCK_IO_PROTOCOL *BlkIo; > EFI_STATUS Status; > EFI_HANDLE Handle; >@@ -364,12 +365,13 @@ HDiskImageSave ( > return EFI_INVALID_PARAMETER; > } > DupDevicePath =3D DuplicateDevicePath(DevicePath); >+ DupDevicePathForFree =3D DupDevicePath; > > // > // get blkio interface > // > Status =3D gBS->LocateDevicePath(&gEfiBlockIoProtocolGuid,&DupDevicePat= h,&Handle); >- FreePool(DupDevicePath); >+ FreePool(DupDevicePathForFree); > if (EFI_ERROR (Status)) { > // StatusBarSetStatusString (L"Read Disk Failed"); > return Status; >-- >2.6.3.windows.1