From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <michael.d.kinney@intel.com>
Received: from mga14.intel.com (mga14.intel.com [192.55.52.115])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 63BB821E2DA45
 for <edk2-devel@lists.01.org>; Wed, 16 Aug 2017 19:43:37 -0700 (PDT)
Received: from orsmga005.jf.intel.com ([10.7.209.41])
 by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 16 Aug 2017 19:46:03 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.41,385,1498546800"; d="scan'208";a="138516003"
Received: from orsmsx110.amr.corp.intel.com ([10.22.240.8])
 by orsmga005.jf.intel.com with ESMTP; 16 Aug 2017 19:46:03 -0700
Received: from orsmsx113.amr.corp.intel.com ([169.254.9.211]) by
 ORSMSX110.amr.corp.intel.com ([169.254.10.72]) with mapi id 14.03.0319.002;
 Wed, 16 Aug 2017 19:46:03 -0700
From: "Kinney, Michael D" <michael.d.kinney@intel.com>
To: =?iso-8859-1?Q?Marvin_H=E4user?= <Marvin.Haeuser@outlook.com>,
 "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>, "Kinney, Michael D"
 <michael.d.kinney@intel.com>
Thread-Topic: [PATCH] QuarkSocPkg/QNCSmmDispatcher: Fix use after free issue #2
Thread-Index: AQHTAeg1Y1tBU15ZqkC99KszhPUwAKKIAHwAgAABCqA=
Date: Thu, 17 Aug 2017 02:46:02 +0000
Message-ID: <E92EE9817A31E24EB0585FDF735412F5A7D81B8E@ORSMSX113.amr.corp.intel.com>
References: <AM4PR06MB14913ADD38909440B48C08B880A40@AM4PR06MB1491.eurprd06.prod.outlook.com>
 <E92EE9817A31E24EB0585FDF735412F5A7D81B73@ORSMSX113.amr.corp.intel.com>
In-Reply-To: <E92EE9817A31E24EB0585FDF735412F5A7D81B73@ORSMSX113.amr.corp.intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
dlp-product: dlpe-windows
dlp-version: 10.0.102.7
dlp-reaction: no-action
x-originating-ip: [10.22.254.138]
MIME-Version: 1.0
Subject: Re: [PATCH] QuarkSocPkg/QNCSmmDispatcher: Fix use after free issue #2
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Aug 2017 02:43:37 -0000
Content-Language: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable

Pushed as 4e33ff75d9

> -----Original Message-----
> From: Kinney, Michael D
> Sent: Wednesday, August 16, 2017 7:41 PM
> To: Marvin H=E4user <Marvin.Haeuser@outlook.com>; edk2-
> devel@lists.01.org; Kinney, Michael D
> <michael.d.kinney@intel.com>
> Cc: Steele, Kelly <kelly.steele@intel.com>
> Subject: RE: [PATCH] QuarkSocPkg/QNCSmmDispatcher: Fix use
> after free issue #2
>=20
> Marvin,
>=20
> Thanks for the fix!
>=20
> Reviewed-by: Michael D Kinney <michael.d.kinney@intel.com>
>=20
> I will push shortly.
>=20
> Mike
>=20
> > -----Original Message-----
> > From: Marvin H=E4user [mailto:Marvin.Haeuser@outlook.com]
> > Sent: Thursday, July 20, 2017 11:12 PM
> > To: edk2-devel@lists.01.org
> > Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Steele,
> > Kelly <kelly.steele@intel.com>
> > Subject: [PATCH] QuarkSocPkg/QNCSmmDispatcher: Fix use after
> > free issue #2
> >
> > As part of commit 5f82e02, ActiveRecordInDb was introduced
> as
> > a copy
> > of RecordInDb as latter may be freed by the callback
> function.
> > This
> > commit replaces an access of RecordInDb after the callback
> > function
> > has been executed with an access to ActiveRecordInDb.
> >
> > Contributed-under: TianoCore Contribution Agreement 1.1
> > Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
> > ---
> >
> >
> QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QNCS
> > mmCore.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git
> >
> a/QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QN
> > CSmmCore.c
> >
> b/QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QN
> > CSmmCore.c
> > index c2f75f86647a..29ad5f493466 100644
> > ---
> >
> a/QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QN
> > CSmmCore.c
> > +++
> >
> b/QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QN
> > CSmmCore.c
> > @@ -758,7 +758,7 @@ QNCSmmCoreDispatcher (
> >              }
> >            }
> >
> > -          if (RecordInDb->ClearSource =3D=3D NULL) {
> > +          if (ActiveRecordInDb.ClearSource =3D=3D NULL) {
> >              //
> >              // Clear the SMI associated w/ the source using
> > the default function
> >              //
> > --
> > 2.12.2.windows.2