From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga18.intel.com (mga18.intel.com [134.134.136.126]) by mx.groups.io with SMTP id smtpd.web10.31.1588735041061761141 for ; Tue, 05 May 2020 20:17:21 -0700 Authentication-Results: mx.groups.io; dkim=pass header.i=@intel.onmicrosoft.com header.s=selector2-intel-onmicrosoft-com header.b=xbRCiX4x; spf=pass (domain: intel.com, ip: 134.134.136.126, mailfrom: wei6.xu@intel.com) IronPort-SDR: v+5JQ7kqvA/uSjCuCaLh4K/RawJRstb8v8BB2Udpi4CpJRNHj8swlo6jkck8RnB8RVJlagnauF 5afuo0cGvKZw== X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 05 May 2020 20:17:19 -0700 IronPort-SDR: xOlfxwxPycAeMe17kLxNcTDjC5ciV+6Wxvev/G5z6mfyUX+bx6ElMWs654JcM94W0Xol48pRGd v37KguxZ3NiQ== X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.73,357,1583222400"; d="scan'208,217";a="284468173" Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203]) by fmsmga004.fm.intel.com with ESMTP; 05 May 2020 20:17:19 -0700 Received: from fmsmsx153.amr.corp.intel.com (10.18.125.6) by FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 5 May 2020 20:17:18 -0700 Received: from FMSEDG001.ED.cps.intel.com (10.1.192.133) by FMSMSX153.amr.corp.intel.com (10.18.125.6) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 5 May 2020 20:17:18 -0700 Received: from NAM04-CO1-obe.outbound.protection.outlook.com (104.47.45.50) by edgegateway.intel.com (192.55.55.68) with Microsoft SMTP Server (TLS) id 14.3.439.0; Tue, 5 May 2020 20:17:18 -0700 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=PP1jnSOXsP4NMdKe/zPvr/Bc+xIbXMKEs+JHBmWYDKbbRDhAGS4vJ6iX9B5QnPo8P+rox9RhjeZo+RgmG9GbKBC+VY27YJvIdr8oqi0sUAcj/Lj2VQYbTTAfqR1C6SuOETs9Ugs1jwsa3X39wMq0QUAMAAml2wXDjMsvjNCawAFjMlo1Et1vCZBhq2EqI+4ZLyDp8O9Nz385S1yyQwmtJH7hInpa3vNcxsLguSEwOYSQZD6wTwPdoz0zxJfQpG7vdoqvNS3E0feINotjOpcR64atUZuXobZYQmrnGk22BNiEKusfXjxRFEq4V9xfA0hh9OeijxBAoDM2xyVX+zNixg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fWreIfsSOqZOzt4wZMUg38D8AWvh2VLZ5J4VYkkp1YI=; b=EOtfz/KGKKNo8F5YaxzKMWE/FvjUOboC8e6Lmary1SJG/4OeZiOP5UdbgPWrRHjCDpZTijqCjMRotwyaFVtF6saHKvlZiOCMyIp/PsT805LGjR5l+sf/+oZXl+3eG4d7vkF52HzPSq9csrDiS0WM0qa/AmApiXW28lc8tZ09hv1JaXno7z91LuIgtYq1x+WC/62s114ms8oMZMZtLgSoeJgsCyAxbYmogaCpWpVUY27IB0kLV/S1SXnJnWp+HXFSfWb9eXpFJMmobatHa+IQ9/HR0rsKSb0AjL9tVGQ4WJZmprUjrNegS7FhhVY0LMlZEdLQAF3LpakgH3LU1GFO9w== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=intel.com; dmarc=pass action=none header.from=intel.com; dkim=pass header.d=intel.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=intel.onmicrosoft.com; s=selector2-intel-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=fWreIfsSOqZOzt4wZMUg38D8AWvh2VLZ5J4VYkkp1YI=; b=xbRCiX4x4ugU32Q5aPpXxOOrceoFdCYOR+OpZHVZ8bRMrfs9ayd4XZzvSuR4fOZrGil8t0+z0XXb9sdAOi/NOVViKhmpblkMmm3bDiTbR2+Aj03dTleoDvieGkcSk4E+dGGwh/9ckoZjvlA7A0YlfH+dEJQxheiihIrlnbSMj2k= Received: from BN7PR11MB2770.namprd11.prod.outlook.com (2603:10b6:406:b4::20) by BN7PR11MB2532.namprd11.prod.outlook.com (2603:10b6:406:b0::26) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2958.30; Wed, 6 May 2020 03:17:17 +0000 Received: from BN7PR11MB2770.namprd11.prod.outlook.com ([fe80::2929:ecd:8139:6a56]) by BN7PR11MB2770.namprd11.prod.outlook.com ([fe80::2929:ecd:8139:6a56%4]) with mapi id 15.20.2958.030; Wed, 6 May 2020 03:17:16 +0000 From: "Xu, Wei6" To: "Jiang, Guomin" , "devel@edk2.groups.io" , Kun Qin , "Kinney, Michael D" CC: "Gao, Liming" Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized pointer dereference Thread-Topic: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized pointer dereference Thread-Index: AQHV/Ow90WEWUrmAW06w7cZabl8GS6hN8BUAgAfYilD//4PyAIAAjjLwgES18KCAAAXAUA== Date: Wed, 6 May 2020 03:17:16 +0000 Message-ID: References: <20200318061227.12480-1-wei6.xu@intel.com> , <15FEE0ADB157EE06.9780@groups.io> In-Reply-To: Accept-Language: en-GB, en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: intel.com; dkim=none (message not signed) header.d=none;intel.com; dmarc=none action=none header.from=intel.com; x-originating-ip: [192.102.204.45] x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: c17de538-edac-4385-2970-08d7f16bfaef x-ms-traffictypediagnostic: BN7PR11MB2532: x-ms-exchange-transport-forked: True x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:3173; x-forefront-prvs: 03950F25EC x-ms-exchange-senderadcheck: 1 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: adnEPJVpQ01wxivG9NTWZM/pZ8XGAo1TrPXQ8CjsqSsox8wr/PCuLq1xcuD6YXkjOlT3BjPMFCpktc0Cuzuj288V6IE+oxFR2jA60X1EHKP5jYwaepOslWyRLfUsnsfq5oJI7MC5zzQFG4lxmPEfZANDS5bmLUytMrtIm6KC9aRH9O+XWaTtB6Lxn4fgg01MKjBi2bgIai4dWGvE+a157VQcEaHABuQ2oOM6bm/G1h949F+6SVg9MndsyCGoFvUYKzjIDp/baAEW4FcqEAWxcA0FKiTlkR/c/SCSfWn71lHPWiI9ZDywRvWlZwud5ZwalgJoeWfykRwe4ta0+ff2pdhWvc+JKu7kXpc+V/MXRrA4oYhvXrH+wsJhNA4wV8DgFX0onZYgEGyi3md0jVZsmqTjYnC/PUThmIvA3hPpAemoVc/LQmW53D7dnGQMD4zygS33MYi9serAyZjOz/ZL8HYIs6Xw0+i6YDEd2J37B+u+kSodRmctYu9MIy10eutSqSsGCrGsqRs2UsSpv6UIh9OnwCENasZ9cgQPHeViz7B7syeZN3s+ZtwNQXrNRaKzxhx36kH6PCTnfCWs4RqaasX2MNQNxzF2plt81aeCZLA= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:BN7PR11MB2770.namprd11.prod.outlook.com;PTR:;CAT:NONE;SFTY:;SFS:(136003)(376002)(346002)(39860400002)(366004)(396003)(33430700001)(66476007)(52536014)(53546011)(66946007)(66446008)(64756008)(66556008)(76116006)(110136005)(33656002)(8936002)(26005)(186003)(8676002)(6506007)(7696005)(316002)(9686003)(55016002)(107886003)(4326008)(2906002)(6636002)(71200400001)(966005)(5660300002)(86362001)(45080400002)(76236002)(33440700001)(166002)(478600001);DIR:OUT;SFP:1102; x-ms-exchange-antispam-messagedata: GIpRAD2LOfYi3BJa3XRiA9AVfcQp4g/FCnB09RcTVMTKk4r6Jl2hbu68z8ODAwGqbGSKpYlO36trBKG80YhNI54+wzkyww1XR6GDNy5rdEw3VsndmQxvWCUzxSu/f0pbCi8NHhu8hq0zqnsxpEJikdlxphjvDjsxLc6FVn6jPt61FgKLtQzh6CMkb9vlhGciM/NMdxjeWBUtdUdxuM2hkWAmHMJCdJLkVBBB1Cw3gxQoiDrGMWLFmtvdc5DPliLTxXYv5RkGlL9rq9t96sIAjaETOh4uIdsM/Q48VLrfiTT0rsuNKat/hODx0DpIxEI/iJll3eHZ3Au41AbTdWJbXLPqabp5+J+kNK2mN+HA7mCeB7PA1wEwMKxdPS+eMYPazQ4ozsgxdYphHJ8VM7OEZXWD6J1CzZ1mTVAtfwRj3eK//PIiPGzMY/1VDC9gQJ28jVbxu9nUqfGs/jONindiqC16acNHUrJjboICe/mvECLBeh0PIo/75z0uBfJDEaGEcUSpEqPlgSMFCDqwTWBn3g7dZafvsVYGrggxNJj6eKc5CPxyA2ZFuMfZEGMGyhMmDcczoWVWcyKqFH44K/HzdZRi9tytu2QVnRCr0G8rJX4MSLeW5C7j7ZEnbUtyfWYKPhFisCBE9tY04Nkn0gAwZQrh74eWMI5sAg/Q5+t76pb5+0kOP4bt631i2BcQ3DyEhqUzThkt6r7ag7TX4GY3n2Ea34LfTLpeCQQBZAe743sLass40bvyvPyP06J3FG9lcSi2Uqn0wg0NbIcXick5C8Wmh4Ixv28+tFjaFIg8ELg= MIME-Version: 1.0 X-MS-Exchange-CrossTenant-Network-Message-Id: c17de538-edac-4385-2970-08d7f16bfaef X-MS-Exchange-CrossTenant-originalarrivaltime: 06 May 2020 03:17:16.8517 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 46c98d88-e344-4ed4-8496-4ed7712e255d X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: w+M3/cON0t0zlaRKSQ0dmuffCXYvTs7ayZYbJKT0kR5kMPRB1iZtJXPaOPgqAMw5NatY3zLVGK7pHNcoVboPpQ== X-MS-Exchange-Transport-CrossTenantHeadersStamped: BN7PR11MB2532 Return-Path: wei6.xu@intel.com X-OriginatorOrg: intel.com Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_BN7PR11MB27706039459B92945D4EE995A1A40BN7PR11MB2770namp_" --_000_BN7PR11MB27706039459B92945D4EE995A1A40BN7PR11MB2770namp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Guomin, The patch was just pushed. Thanks a lot. BR, Wei From: Jiang, Guomin Sent: Wednesday, May 6, 2020 9:36 AM To: devel@edk2.groups.io; Jiang, Guomin ; Kun Qin = ; Kinney, Michael D ; Xu= , Wei6 Cc: Gao, Liming Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized p= ointer dereference I can't search the patch in master, anyone can pull the patch if it haven'= t been pull. Best Regards guomin From: devel@edk2.groups.io > On Behalf Of Guomin Jiang Sent: Monday, March 23, 2020 4:13 PM To: Kun Qin >; devel@e= dk2.groups.io; Kinney, Michael D >; Xu, Wei6 > Cc: Gao, Liming > Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized p= ointer dereference Hi Kun, It is clear and i have no confusion. Reviewed-by: Guomin Jiang > Thanks guomin From: Kun Qin [mailto:Kun.Qin@microsoft.com] Sent: Monday, March 23, 2020 3:40 PM To: Jiang, Guomin >;= devel@edk2.groups.io; Kinney, Michael D >; Xu, Wei6 > Cc: Gao, Liming > Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized p= ointer dereference Hi Guomin, Thanks for reaching out. I did encounter a GP fault because of this issue: If Line 582 is triggered when = the first Fmp->GetImageInfo failed, this specific mFmpImageInfoBuf[Index] w= ill remain to be uninitialized value (0xFAFAFAFAFAF in my case). Later on w= hen it comes to line 632, it wi= ll pass the null pointer check and try to dereference it, which leads to GP= fault. Please let me know if you need further clarification. Thanks, Kun From: Jiang, Guomin Sent: Monday, March 23, 2020 12:21 AM To: devel@edk2.groups.io; Kinney, Michael D; Xu, Wei6 Cc: Kun Qin; Gao, Liming Subject: [EXTERNAL] RE: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix unin= itialized pointer dereference Hi Xuwei, QinKun, Have you indeed encounter this issue or just think it is potential issue. I think below code will always initialize the mFmpImageInfoBuf[] and make= sure it is valid. Line 585 - mFmpImageInfoBuf[Index] =3D AllocateZeroPool (ImageInfoSize); If the second GetImageInfo() is runned, I think it will always have correc= t mfmpImageInfoBuf[] address. Of course, it is ok to use AllocateZeroPool to ensure zero buffer is alloc= ated. Thanks > -----Original Message----- > From: devel@edk2.groups.io [mailto:devel@ed= k2.groups.io] On Behalf Of > Michael D Kinney > Sent: Wednesday, March 18, 2020 11:15 PM > To: Xu, Wei6 >; devel@edk2.g= roups.io; Kinney, Michael > D > > Cc: Kun Qin >; Gao, Limi= ng > > Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized > pointer dereference > > Reviewed-by: Michael D Kinney > > > > -----Original Message----- > > From: Xu, Wei6 > > > Sent: Tuesday, March 17, 2020 11:12 PM > > To: devel@edk2.groups.io > > Cc: Kun Qin >; Kinney,= Michael D > > >; Gao, = Liming > > > Subject: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitialized > > pointer dereference > > > > From: Kun Qin > > > > > REF: > > https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbu= gzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D2602&data=3D02%7C01%7CKun.Qi= n%40microsoft.com%7C3c1042cd095b42a51b9d08d7cefad022%7C72f988bf86f141af91ab= 2d7cd011db47%7C1%7C0%7C637205448946602054&sdata=3D95z6fDC0uceCCs2MuoeCR= 4MXgRhAI3dVssWeddsWT5s%3D&reserved=3D0 > > > > Zero the allocated buffer in case GetImageInfo `continue` in the > > middle of a loop. This will cause unexpected GetImageInfo failure not > > clearing the corresponding entry and lead to GP faults when > > dereferencing this entry. > > > > Cc: Michael D Kinney > > > Cc: Liming Gao > > > Signed-off-by: Wei6 Xu > > > --- > > FmpDevicePkg/FmpDxe/Dependency.c | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > > > diff --git a/FmpDevicePkg/FmpDxe/Dependency.c > > b/FmpDevicePkg/FmpDxe/Dependency.c > > index 8f97c42916..65c23989c6 100644 > > --- a/FmpDevicePkg/FmpDxe/Dependency.c > > +++ b/FmpDevicePkg/FmpDxe/Dependency.c > > @@ -550,11 +550,11 @@ EvaluateImageDependencies ( > > ); > > if (EFI_ERROR (Status)) { > > return EFI_ABORTED; > > } > > > > - mFmpImageInfoBuf =3D AllocatePool > > (sizeof(EFI_FIRMWARE_IMAGE_DESCRIPTOR *) * > mNumberOfFmpInstance); > > + mFmpImageInfoBuf =3D AllocateZeroPool > > (sizeof(EFI_FIRMWARE_IMAGE_DESCRIPTOR *) * > mNumberOfFmpInstance); > > if (mFmpImageInfoBuf =3D=3D NULL) { > > return EFI_OUT_OF_RESOURCES; > > } > > > > for (Index =3D 0; Index < mNumberOfFmpInstance; Index > > ++) { > > -- > > 2.16.2.windows.1 > > > --_000_BN7PR11MB27706039459B92945D4EE995A1A40BN7PR11MB2770namp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable

Hi = Guomin,

 

The= patch was just pushed. Thanks a lot.

 

BR,=

Wei=

From: Jiang, Guomin <guomin.jiang@intel.com>
Sent: Wednesday, May 6, 2020 9:36 AM
To: devel@edk2.groups.io; Jiang, Guomin <guomin.jiang@intel.com&= gt;; Kun Qin <Kun.Qin@microsoft.com>; Kinney, Michael D <michael.d= .kinney@intel.com>; Xu, Wei6 <wei6.xu@intel.com>
Cc: Gao, Liming <liming.gao@intel.com>
Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitia= lized pointer dereference

 

I can’t search the patch= in master, anyone can pull the patch if it haven’t been pull.

 

Best Regards=

guomin

From: devel@edk2.groups.io <devel= @edk2.groups.io> On Behalf Of Guomin Jiang
Sent: Monday, March 23, 2020 4:13 PM
To: Kun Qin <Kun.Qin@mi= crosoft.com>; devel@edk2.groups.io; Kinney, = Michael D <michael.d.kinne= y@intel.com>; Xu, Wei6 <wei6= .xu@intel.com>
Cc: Gao, Liming <liming.= gao@intel.com>
Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitia= lized pointer dereference

 

Hi Kun= ,

&= nbsp;

It is = clear and i have no confusion.

&= nbsp;

Review= ed-by: Guomin Jiang <guomin.jiang@intel.com= >

&= nbsp;

Thanks=

guomin=

From: Kun Qin [mailto:Kun.Q= in@microsoft.com]
Sent: Monday, March 23, 2020 3:40 PM
To: Jiang, Guomin <guo= min.jiang@intel.com>; devel@edk2.groups.io; Kinney, = Michael D <michael.d.kinne= y@intel.com>; Xu, Wei6 <wei6= .xu@intel.com>
Cc: Gao, Liming <liming.= gao@intel.com>
Subject: RE: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitia= lized pointer dereference

 

Hi Guomin,

 

Thanks for reaching out. I did= encounter a GP fault because of this issue:

 

If Line 582 is triggered when the first Fmp->GetImageInfo failed, this= specific mFmpImageInfoBuf[Index] will remain to be uninitialized value (0xFAFAF= AFAFAF in my case). Later on when it comes to line 632, it will pass the null pointer check and try to dereference i= t, which leads to GP fault. Please let me know if you need further clarific= ation.

 

Thanks,

Kun

 

From: Jiang, Guomin
Sent: Monday, March 23, 2020 12:21 AM
To: devel@edk2.groups.io; Kinney, Michael D; Xu, Wei6 Cc: Kun Qin; Gao, Liming
Subject: [EXTERNAL] RE: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: F= ix uninitialized pointer dereference

 

Hi Xuwei, QinKun,

Have you indeed encounter this issue or just think it is potential issue.<= br>
I think  below code will always initialize the mFmpImageInfoBuf[] and= make sure it is valid.
Line 585 - mFmpImageInfoBuf[Index] =3D AllocateZeroPool (ImageInfoSize);
If the second GetImageInfo() is runned, I think it will always have correc= t mfmpImageInfoBuf[] address.

Of course, it is ok to use AllocateZeroPool to ensure zero buffer is alloc= ated.

Thanks

> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io]= On Behalf Of
> Michael D Kinney
> Sent: Wednesday, March 18, 2020 11:15 PM
> To: Xu, Wei6 <wei6.xu@intel.c= om>; devel@edk2.groups.io; Kinney, Michael
> D <michael.d.kinney@= intel.com>
> Cc: Kun Qin <kuqin@microsof= t.com>; Gao, Liming <limi= ng.gao@intel.com>
> Subject: Re: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitiali= zed
> pointer dereference
>
> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
>
> > -----Original Message-----
> > From: Xu, Wei6 <wei6.xu@= intel.com>
> > Sent: Tuesday, March 17, 2020 11:12 PM
> > To: devel@edk2.groups.io=
> > Cc: Kun Qin <kuqin@mic= rosoft.com>; Kinney, Michael D
> > <michael.d.kinn= ey@intel.com>; Gao, Liming <liming.gao@intel.com>
> > Subject: [edk2-devel] [PATCH] FmpDevicePkg/FmpDxe: Fix uninitial= ized
> > pointer dereference
> >
> > From: Kun Qin <kuqin@m= icrosoft.com>
> >
> > REF:
> > https://nam06.safelinks.protection.outlook.com/?url=3Dhttps%3A%2F%2Fbugzil= la.tianocore.org%2Fshow_bug.cgi%3Fid%3D2602&amp;data=3D02%7C01%7CKun.Qi= n%40microsoft.com%7C3c1042cd095b42a51b9d08d7cefad022%7C72f988bf86f141af91ab= 2d7cd011db47%7C1%7C0%7C637205448946602054&amp;sdata=3D95z6fDC0uceCCs2Mu= oeCR4MXgRhAI3dVssWeddsWT5s%3D&amp;reserved=3D0
> >
> > Zero the allocated buffer in case GetImageInfo `continue` in the=
> > middle of a loop. This will cause unexpected GetImageInfo failur= e not
> > clearing the corresponding entry and lead to GP faults when
> > dereferencing this entry.
> >
> > Cc: Michael D Kinney <michael.d.kinney@intel.com>
> > Cc: Liming Gao <limin= g.gao@intel.com>
> > Signed-off-by: Wei6 Xu <= wei6.xu@intel.com>
> > ---
> >  FmpDevicePkg/FmpDxe/Dependency.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/FmpDevicePkg/FmpDxe/Dependency.c
> > b/FmpDevicePkg/FmpDxe/Dependency.c
> > index 8f97c42916..65c23989c6 100644
> > --- a/FmpDevicePkg/FmpDxe/Dependency.c
> > +++ b/FmpDevicePkg/FmpDxe/Dependency.c
> > @@ -550,11 +550,11 @@ EvaluateImageDependencies (
> >           = ;       );
> >    if (EFI_ERROR (Status)) {
> >      return EFI_ABORTED;
> >    }
> >
> > -  mFmpImageInfoBuf =3D AllocatePool
> > (sizeof(EFI_FIRMWARE_IMAGE_DESCRIPTOR *) *
> mNumberOfFmpInstance);
> > +  mFmpImageInfoBuf =3D AllocateZeroPool
> > (sizeof(EFI_FIRMWARE_IMAGE_DESCRIPTOR *) *
> mNumberOfFmpInstance);
> >    if (mFmpImageInfoBuf =3D=3D NULL) {
> >      return EFI_OUT_OF_RESOURCES;
> >    }
> >
> >    for (Index =3D 0; Index < mNumberOfFmpInsta= nce; Index
> > ++) {
> > --
> > 2.16.2.windows.1
>
>
>

 

--_000_BN7PR11MB27706039459B92945D4EE995A1A40BN7PR11MB2770namp_--