From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <pcacjr@zytor.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=65.50.211.136; helo=mail.zytor.com; envelope-from=pcacjr@zytor.com;
 receiver=edk2-devel@lists.01.org 
Received: from mail.zytor.com (terminus.zytor.com [65.50.211.136])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 50B0B20945BC2
 for <edk2-devel@lists.01.org>; Mon, 25 Sep 2017 19:24:20 -0700 (PDT)
Received: from [192.168.15.2] (177.97.69.dynamic.adsl.gvt.net.br
 [177.97.69.70] (may be forged)) (authenticated bits=0)
 by mail.zytor.com (8.15.2/8.15.2) with ESMTPSA id v8Q2PFtU005135
 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
 Mon, 25 Sep 2017 19:25:18 -0700
Date: Mon, 25 Sep 2017 23:25:08 -0300
User-Agent: K-9 Mail for Android
In-Reply-To: <20170926013648.23788-1-hao.a.wu@intel.com>
References: <20170926013648.23788-1-hao.a.wu@intel.com>
MIME-Version: 1.0
To: Hao Wu <hao.a.wu@intel.com>, edk2-devel@lists.01.org
CC: Ruiyu Ni <ruiyu.ni@intel.com>, Star Zeng <star.zeng@intel.com>,
 Eric Dong <eric.dong@intel.com>
From: Paulo Alcantara <pcacjr@zytor.com>
Message-ID: <9F701135-5993-4B69-A6D6-4A5313EB1886@zytor.com>
Subject: Re: [PATCH] MdeModulePkg/UdfDxe: Resolve potential NULL pointer dereference
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Sep 2017 02:24:20 -0000
Content-Type: text/plain;
 charset=utf-8
Content-Transfer-Encoding: quoted-printable



On September 25, 2017 10:36:48 PM GMT-03:00, Hao Wu <hao=2Ea=2Ewu@intel=2E=
com> wrote:
>Within function GetAllocationDescriptorLsn():
>
>The call to GetPdFromLongAd() may return NULL and it will be later
>dereferenced in GetShortAdLsn()=2E
>
>This commit adds ASSERT to resolve the potential NULL pointer
>dereference=2E
>
>Cc: Paulo Alcantara <pcacjr@zytor=2Ecom>
>Cc: Ruiyu Ni <ruiyu=2Eni@intel=2Ecom>
>Cc: Star Zeng <star=2Ezeng@intel=2Ecom>
>Cc: Eric Dong <eric=2Edong@intel=2Ecom>
>Contributed-under: TianoCore Contribution Agreement 1=2E1
>Signed-off-by: Hao Wu <hao=2Ea=2Ewu@intel=2Ecom>
>---
> MdeModulePkg/Universal/Disk/UdfDxe/FileSystemOperations=2Ec | 7 ++++++-
> 1 file changed, 6 insertions(+), 1 deletion(-)
>
>diff --git a/MdeModulePkg/Universal/Disk/UdfDxe/FileSystemOperations=2Ec
>b/MdeModulePkg/Universal/Disk/UdfDxe/FileSystemOperations=2Ec
>index b336ffc553=2E=2Ee048d95d31 100644
>--- a/MdeModulePkg/Universal/Disk/UdfDxe/FileSystemOperations=2Ec
>+++ b/MdeModulePkg/Universal/Disk/UdfDxe/FileSystemOperations=2Ec
>@@ -748,12 +748,17 @@ GetAllocationDescriptorLsn (
>   IN VOID                            *Ad
>   )
> {
>+  UDF_PARTITION_DESCRIPTOR *PartitionDesc;
>+
>   if (RecordingFlags =3D=3D LongAdsSequence) {
>    return GetLongAdLsn (Volume, (UDF_LONG_ALLOCATION_DESCRIPTOR *)Ad);
>   } else if (RecordingFlags =3D=3D ShortAdsSequence) {
>+    PartitionDesc =3D GetPdFromLongAd (Volume, ParentIcb);
>+    ASSERT (PartitionDesc !=3D NULL);
>+
>     return GetShortAdLsn (
>       Volume,
>-      GetPdFromLongAd (Volume, ParentIcb),
>+      PartitionDesc,
>       (UDF_SHORT_ALLOCATION_DESCRIPTOR *)Ad
>       );
>   }

Reviewed-by: Paulo Alcantara <pcacjr@zytor=2Ecom>

Thanks!
Paulo

--=20
Sent from my Android device with K-9 Mail=2E Please excuse my brevity=2E