From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <eric.dong@intel.com>
Received: from mga06.intel.com (mga06.intel.com [134.134.136.31])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 6FB44208F7A18
 for <edk2-devel@lists.01.org>; Wed,  2 Aug 2017 20:12:58 -0700 (PDT)
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by orsmga104.jf.intel.com with ESMTP; 02 Aug 2017 20:15:09 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.41,314,1498546800"; d="scan'208";a="134775278"
Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206])
 by fmsmga005.fm.intel.com with ESMTP; 02 Aug 2017 20:15:09 -0700
Received: from fmsmsx120.amr.corp.intel.com (10.18.124.208) by
 FMSMSX108.amr.corp.intel.com (10.18.124.206) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Wed, 2 Aug 2017 20:15:08 -0700
Received: from shsmsx104.ccr.corp.intel.com (10.239.4.70) by
 fmsmsx120.amr.corp.intel.com (10.18.124.208) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Wed, 2 Aug 2017 20:15:08 -0700
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.146]) by
 SHSMSX104.ccr.corp.intel.com ([10.239.4.70]) with mapi id 14.03.0319.002;
 Thu, 3 Aug 2017 11:15:06 +0800
From: "Dong, Eric" <eric.dong@intel.com>
To: "Bi, Dandan" <dandan.bi@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: Bo Chen <chenbo@pdx.edu>, "Gao, Liming" <liming.gao@intel.com>
Thread-Topic: [edk2] [patch] BaseTools/VfrCompile: Fix segmentation fault
 issues
Thread-Index: AQHTBoO2jjjEjzvLJUqEHTlGph0RLKJyAEEw
Date: Thu, 3 Aug 2017 03:15:06 +0000
Message-ID: <ED077930C258884BBCB450DB737E66224A9A3D5C@shsmsx102.ccr.corp.intel.com>
References: <1501123989-197208-1-git-send-email-dandan.bi@intel.com>
In-Reply-To: <1501123989-197208-1-git-send-email-dandan.bi@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [patch] BaseTools/VfrCompile: Fix segmentation fault issues
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Aug 2017 03:12:58 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Eric Dong <eric.dong@intel.com>

-----Original Message-----
From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Dand=
an Bi
Sent: Thursday, July 27, 2017 10:53 AM
To: edk2-devel@lists.01.org
Cc: Bo Chen <chenbo@pdx.edu>; Gao, Liming <liming.gao@intel.com>
Subject: [edk2] [patch] BaseTools/VfrCompile: Fix segmentation fault issues

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D532

(1) Add NULL check before using a pointer.
(2) Use "%s" format string in DebugError function to
    avoid crash caused by incorrect input.

Cc: Bo Chen <chenbo@pdx.edu>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
---
 BaseTools/Source/C/VfrCompile/VfrCompiler.cpp | 14 +++++++-------
 1 file changed, 7 insertions(+), 7 deletions(-)

diff --git a/BaseTools/Source/C/VfrCompile/VfrCompiler.cpp b/BaseTools/Sour=
ce/C/VfrCompile/VfrCompiler.cpp
index ff7057a..e65a925 100644
--- a/BaseTools/Source/C/VfrCompile/VfrCompiler.cpp
+++ b/BaseTools/Source/C/VfrCompile/VfrCompiler.cpp
@@ -640,11 +640,11 @@ CVfrCompiler::PreProcess (
   if (mOptions.SkipCPreprocessor =3D=3D TRUE) {
     goto Out;
   }
=20
   if ((pVfrFile =3D fopen (LongFilePath (mOptions.VfrFileName), "r")) =3D=
=3D NULL) {
-    DebugError (NULL, 0, 0001, "Error opening the input VFR file", mOption=
s.VfrFileName);
+    DebugError (NULL, 0, 0001, "Error opening the input VFR file",=20
+ "%s", mOptions.VfrFileName);
     goto Fail;
   }
   fclose (pVfrFile);
=20
   CmdLen =3D strlen (mPreProcessCmd) + strlen (mPreProcessOpt) + @@ -709,1=
1 +709,11 @@ CVfrCompiler::Compile (
=20
   gCVfrErrorHandle.SetInputFile (InFileName);
   gCVfrErrorHandle.SetWarningAsError(mOptions.WarningAsError);
=20
   if ((pInFile =3D fopen (LongFilePath (InFileName), "r")) =3D=3D NULL) {
-    DebugError (NULL, 0, 0001, "Error opening the input file", InFileName)=
;
+    DebugError (NULL, 0, 0001, "Error opening the input file", "%s",=20
+ InFileName);
     goto Fail;
   }
=20
   InputInfo.CompatibleMode =3D mOptions.CompatibleMode;
   if (mOptions.HasOverrideClassGuid) {
@@ -839,11 +839,11 @@ CVfrCompiler::GenBinary (
     goto Fail;
   }
=20
   if (mOptions.CreateIfrPkgFile =3D=3D TRUE) {
     if ((pFile =3D fopen (LongFilePath (mOptions.PkgOutputFileName), "wb")=
) =3D=3D NULL) {
-      DebugError (NULL, 0, 0001, "Error opening file", mOptions.PkgOutputF=
ileName);
+      DebugError (NULL, 0, 0001, "Error opening file", "%s",=20
+ mOptions.PkgOutputFileName);
       goto Fail;
     }
     if (gCFormPkg.BuildPkg (pFile, &gRBuffer) !=3D VFR_RETURN_SUCCESS) {
       fclose (pFile);
       goto Fail;
@@ -882,11 +882,11 @@ CVfrCompiler::GenCFile (
     goto Fail;
   }
  =20
   if (!mOptions.CreateIfrPkgFile || mOptions.CompatibleMode) {
     if ((pFile =3D fopen (LongFilePath (mOptions.COutputFileName), "w")) =
=3D=3D NULL) {
-      DebugError (NULL, 0, 0001, "Error opening output C file", mOptions.C=
OutputFileName);
+      DebugError (NULL, 0, 0001, "Error opening output C file", "%s",=20
+ mOptions.COutputFileName);
       goto Fail;
     }
=20
     for (Index =3D 0; gSourceFileHeader[Index] !=3D NULL; Index++) {
       fprintf (pFile, "%s\n", gSourceFileHeader[Index]); @@ -923,22 +923,2=
2 @@ CVfrCompiler::GenRecordListFile (
   CHAR8  LineBuf[MAX_VFR_LINE_LEN];
   UINT32 LineNo;
=20
   InFileName =3D (mOptions.SkipCPreprocessor =3D=3D TRUE) ? mOptions.VfrFi=
leName : mOptions.PreprocessorOutputFileName;
=20
-  if (mOptions.CreateRecordListFile =3D=3D TRUE) {
+  if (mOptions.CreateRecordListFile =3D=3D TRUE && InFileName !=3D NULL &&=
=20
+ mOptions.RecordListFile !=3D NULL) {
     if ((InFileName[0] =3D=3D '\0') || (mOptions.RecordListFile[0] =3D=3D =
'\0')) {
       return;
     }
=20
     if ((pInFile =3D fopen (LongFilePath (InFileName), "r")) =3D=3D NULL) =
{
-      DebugError (NULL, 0, 0001, "Error opening the input VFR preprocessor=
 output file", InFileName);
+      DebugError (NULL, 0, 0001, "Error opening the input VFR=20
+ preprocessor output file", "%s", InFileName);
       return;
     }
=20
     if ((pOutFile =3D fopen (LongFilePath (mOptions.RecordListFile), "w"))=
 =3D=3D NULL) {
-      DebugError (NULL, 0, 0001, "Error opening the record list file", mOp=
tions.RecordListFile);
+      DebugError (NULL, 0, 0001, "Error opening the record list file",=20
+ "%s", mOptions.RecordListFile);
       goto Err1;
     }
=20
     fprintf (pOutFile, "//\n//  VFR compiler version " VFR_COMPILER_VERSIO=
N __BUILD_VERSION "\n//\n");
     LineNo =3D 0;
--
1.9.5.msysgit.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel