From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.151; helo=mga17.intel.com; envelope-from=hao.a.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga17.intel.com (mga17.intel.com [192.55.52.151]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D994F208F60E0 for ; Mon, 11 Feb 2019 04:58:52 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga005.jf.intel.com ([10.7.209.41]) by fmsmga107.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 11 Feb 2019 04:58:51 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.58,358,1544515200"; d="scan'208";a="298832867" Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206]) by orsmga005.jf.intel.com with ESMTP; 11 Feb 2019 04:58:51 -0800 Received: from shsmsx151.ccr.corp.intel.com (10.239.6.50) by FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS) id 14.3.408.0; Mon, 11 Feb 2019 04:58:50 -0800 Received: from shsmsx104.ccr.corp.intel.com ([169.254.5.102]) by SHSMSX151.ccr.corp.intel.com ([169.254.3.172]) with mapi id 14.03.0415.000; Mon, 11 Feb 2019 20:58:48 +0800 From: "Wu, Hao A" To: "Chen, Chen A" , "edk2-devel@lists.01.org" CC: "Gao, Liming" , "Zhang, Chao B" Thread-Topic: [edk2] [PATCH] MdeModulePkg/CapsuleApp: Fix memory leak issue. Thread-Index: AQHUwdFseF2THZN24kS2+YNKrHHHxaXajWXw Date: Mon, 11 Feb 2019 12:58:48 +0000 Message-ID: References: <20190211061654.53812-1-chen.a.chen@intel.com> In-Reply-To: <20190211061654.53812-1-chen.a.chen@intel.com> Accept-Language: zh-CN, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] MdeModulePkg/CapsuleApp: Fix memory leak issue. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Feb 2019 12:58:53 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ch= en > A Chen > Sent: Monday, February 11, 2019 2:17 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A; Gao, Liming; Zhang, Chao B > Subject: [edk2] [PATCH] MdeModulePkg/CapsuleApp: Fix memory leak issue. >=20 > This issue is caused by FileInfoBuffer variable. This is a pointer array > and each elements also pointer to a memory buffer that is allocated and > returned by AllocateCopyPool function. >=20 > Cc: Jian J Wang > Cc: Hao Wu > Cc: Zhang Chao B > Cc: Liming Gao > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Chen A Chen > --- > MdeModulePkg/Application/CapsuleApp/CapsuleDump.c | 81 > ++++++++++++++++------- > 1 file changed, 56 insertions(+), 25 deletions(-) >=20 > diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > index 7bef5a1378..00cf45d66a 100644 > --- a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > @@ -806,48 +806,69 @@ DumpCapsuleFromDisk ( > Status =3D Fs->OpenVolume (Fs, &Root); > if (EFI_ERROR (Status)) { > Print (L"Cannot open volume. Status =3D %r\n", Status); > - return EFI_NOT_FOUND; > + goto Done; > } >=20 > Status =3D Root->Open (Root, &DirHandle, EFI_CAPSULE_FILE_DIRECTORY, > EFI_FILE_MODE_READ | EFI_FILE_MODE_WRITE , 0); > if (EFI_ERROR (Status)) { > Print (L"Cannot open %s. Status =3D %r\n", EFI_CAPSULE_FILE_DIRECTOR= Y, > Status); > - return EFI_NOT_FOUND; > + goto Done; > } >=20 > // > // Get file count first > // > - for ( Status =3D FileHandleFindFirstFile (DirHandle, &FileInfo) > - ; !EFI_ERROR(Status) && !NoFile > - ; Status =3D FileHandleFindNextFile (DirHandle, FileInfo, &NoFile) > - ){ > - if ((FileInfo->Attribute & (EFI_FILE_SYSTEM | EFI_FILE_ARCHIVE)) =3D= =3D 0) { > - continue; > + do { > + Status =3D FileHandleFindFirstFile (DirHandle, &FileInfo); > + if (EFI_ERROR (Status) || FileInfo =3D=3D NULL) { > + Print (L"Get File Info Fail. Status =3D %r\n", Status); > + goto Done; > } > - FileCount++; > - } > + > + if ((FileInfo->Attribute & (EFI_FILE_SYSTEM | EFI_FILE_ARCHIVE)) != =3D 0) { > + FileCount++; > + } > + > + Status =3D FileHandleFindNextFile (DirHandle, FileInfo, &NoFile); > + if (EFI_ERROR (Status)) { > + Print (L"Get Next File Fail. Status =3D %r\n", Status); > + goto Done; > + } > + } while (!NoFile); >=20 > if (FileCount =3D=3D 0) { > Print (L"Error: No capsule file found!\n"); > - return EFI_NOT_FOUND; > + Status =3D EFI_NOT_FOUND; > + goto Done; > } >=20 > FileInfoBuffer =3D AllocatePool (sizeof(FileInfo) * FileCount); > + if (FileInfoBuffer =3D=3D NULL) { > + Status =3D EFI_OUT_OF_RESOURCES; > + goto Done; > + } > NoFile =3D FALSE; >=20 > // > // Get all file info > // > - for ( Status =3D FileHandleFindFirstFile (DirHandle, &FileInfo) > - ; !EFI_ERROR (Status) && !NoFile > - ; Status =3D FileHandleFindNextFile (DirHandle, FileInfo, &NoFile) > - ){ > - if ((FileInfo->Attribute & (EFI_FILE_SYSTEM | EFI_FILE_ARCHIVE)) =3D= =3D 0) { > - continue; > + do { > + Status =3D FileHandleFindFirstFile (DirHandle, &FileInfo); > + if (EFI_ERROR (Status) || FileInfo =3D=3D NULL) { > + Print (L"Get File Info Fail. Status =3D %r\n", Status); > + goto Done; > } > - FileInfoBuffer[Index++] =3D AllocateCopyPool ((UINTN)FileInfo->Size,= FileInfo); > - } > + > + if ((FileInfo->Attribute & (EFI_FILE_SYSTEM | EFI_FILE_ARCHIVE)) != =3D 0) { > + FileInfoBuffer[Index++] =3D AllocateCopyPool ((UINTN)FileInfo->Siz= e, FileInfo); An error handling may be needed here as well. Also, if memory allocation does fail here during the 'do-while' loop, elements in array 'FileInfoBuffer' may not all have valid values. For this case, the cleanup under tag 'Done' may not be proper. Best Regards, Hao Wu > + } > + > + Status =3D FileHandleFindNextFile (DirHandle, FileInfo, &NoFile); > + if (EFI_ERROR (Status)) { > + Print (L"Get Next File Fail. Status =3D %r\n", Status); > + goto Done; > + } > + } while (!NoFile); >=20 > // > // Sort FileInfoBuffer by alphabet order > @@ -866,7 +887,8 @@ DumpCapsuleFromDisk ( > } >=20 > if (!DumpCapsuleInfo) { > - return EFI_SUCCESS; > + Status =3D EFI_SUCCESS; > + goto Done; > } >=20 > Print(L"The infomation of the capsules:\n"); > @@ -875,19 +897,20 @@ DumpCapsuleFromDisk ( > FileHandle =3D NULL; > Status =3D DirHandle->Open (DirHandle, &FileHandle, FileInfoBuffer[I= ndex]- > >FileName, EFI_FILE_MODE_READ, 0); > if (EFI_ERROR (Status)) { > - break; > + goto Done; > } >=20 > Status =3D FileHandleGetSize (FileHandle, (UINT64 *) &FileSize); > if (EFI_ERROR (Status)) { > Print (L"Cannot read file %s. Status =3D %r\n", FileInfoBuffer[Ind= ex]- > >FileName, Status); > FileHandleClose (FileHandle); > - return Status; > + goto Done; > } >=20 > FileBuffer =3D AllocatePool (FileSize); > if (FileBuffer =3D=3D NULL) { > - return RETURN_OUT_OF_RESOURCES; > + Status =3D EFI_OUT_OF_RESOURCES; > + goto Done; > } >=20 > Status =3D FileHandleRead (FileHandle, &FileSize, FileBuffer); > @@ -895,7 +918,7 @@ DumpCapsuleFromDisk ( > Print (L"Cannot read file %s. Status =3D %r\n", FileInfoBuffer[Ind= ex]- > >FileName, Status); > FreePool (FileBuffer); > FileHandleClose (FileHandle); > - return Status; > + goto Done; > } >=20 > Print (L"**************************\n"); > @@ -906,7 +929,15 @@ DumpCapsuleFromDisk ( > FreePool (FileBuffer); > } >=20 > - return EFI_SUCCESS; > +Done: > + if (FileInfoBuffer !=3D NULL) { > + for (Index =3D 0; Index < FileCount; Index++) { > + FreePool (FileInfoBuffer[Index]); > + } > + FreePool (FileInfoBuffer); > + } > + > + return Status; > } >=20 > /** > -- > 2.16.2.windows.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel