From: "Wu, Hao A"
To: "Wang, Jian J", "edk2-devel@lists.01.org"
CC: "Zeng, Star"
Date: Mon, 29 Oct 2018 08:41:28 +0000
Subject: Re: [PATCH] MdeModulePkg/Core: fix an issue of potential NULL pointer access
In-Reply-To: <20181029082154.5908-1-jian.j.wang@intel.com>

> -----Original Message-----
> From: Wang, Jian J
> Sent: Monday, October 29, 2018 4:22 PM
> To: edk2-devel@lists.01.org
> Cc: Wu, Hao A; Zeng, Star
> Subject: [PATCH] MdeModulePkg/Core: fix an issue of potential NULL
> pointer access
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1286
>
> This issue is introduced by bb685071c2602cf786ea84c69bbebf2158194a38.
>
> The *MemorySpaceMap assigned with NULL (line 1710) value might be
> accessed (line 1726/1730) without any sanity check. Although it won't
> happen in practice because of line 1722, we still need to add check
> against NULL to make static code analyzer happy.
>
> 1710 *MemorySpaceMap = NULL;
> .... ...
> 1722 if (DescriptorCount == *NumberOfDescriptors) {
> .... ...
> 1726 Descriptor = *MemorySpaceMap;
> .... ...
> 1730 BuildMemoryDescriptor (Descriptor, Entry);
>
> Tests:
> Pass build and boot to shell.
>
> Cc: Hao Wu
> Cc: Star Zeng
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jian J Wang > --- > MdeModulePkg/Core/Dxe/Gcd/Gcd.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) >=20 > diff --git a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c > b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c > index 8bbdf7129f..a76d2db73c 100644 > --- a/MdeModulePkg/Core/Dxe/Gcd/Gcd.c > +++ b/MdeModulePkg/Core/Dxe/Gcd/Gcd.c > @@ -1719,7 +1719,7 @@ CoreGetMemorySpaceMap ( > // AllocatePool() called below has to be running outside the GCD loc= k. > // > DescriptorCount =3D CoreCountGcdMapEntry (&mGcdMemorySpaceMap); > - if (DescriptorCount =3D=3D *NumberOfDescriptors) { > + if (DescriptorCount =3D=3D *NumberOfDescriptors && *MemorySpaceMap != =3D > NULL) { Seems good to me. Reviewed-by: Hao Wu Best Regards, Hao Wu > // > // Fill in the MemorySpaceMap if no memory space map change. > // > -- > 2.16.2.windows.1
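Review bot: the changed `if` in CoreGetMemorySpaceMap() now chains `==`, `&&` and `!=` with no parentheses around the two comparisons, and the comment inside the branch ("Fill in the MemorySpaceMap if no memory space map change.") says nothing about the new NULL test. Suggest writing it as `if ((DescriptorCount == *NumberOfDescriptors) && (*MemorySpaceMap != NULL)) {` so the grouping is explicit, and adding a one-line comment at the condition stating what the commit message already says: the NULL case is not expected in practice and the test is there for the static analyzer. The path taken when the condition is false is not visible in this hunk, so it is also worth confirming that it behaves sensibly if the counts match while *MemorySpaceMap is still NULL.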