From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jaben.carsey@intel.com>
Received: from mga11.intel.com (mga11.intel.com [192.55.52.93])
 (using TLSv1 with cipher CAMELLIA256-SHA (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 548081A1DED
 for <edk2-devel@lists.01.org>; Mon,  3 Oct 2016 11:24:38 -0700 (PDT)
Received: from fmsmga004.fm.intel.com ([10.253.24.48])
 by fmsmga102.fm.intel.com with ESMTP; 03 Oct 2016 11:24:37 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,438,1473145200"; d="scan'208";a="175917435"
Received: from fmsmsx108.amr.corp.intel.com ([10.18.124.206])
 by fmsmga004.fm.intel.com with ESMTP; 03 Oct 2016 11:24:37 -0700
Received: from fmsmsx103.amr.corp.intel.com ([169.254.2.167]) by
 FMSMSX108.amr.corp.intel.com ([169.254.9.94]) with mapi id 14.03.0248.002;
 Mon, 3 Oct 2016 11:24:37 -0700
From: "Carsey, Jaben" <jaben.carsey@intel.com>
To: "Kinney, Michael D" <michael.d.kinney@intel.com>,
 "edk2-devel@lists.01.org" <edk2-devel@lists.01.org>
Thread-Topic: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writing
 disk
Thread-Index: AQHSGfxpi14yYOYh4U2Yw3blsSCIOqCXh4MA//+LT/o=
Date: Mon, 3 Oct 2016 18:24:37 +0000
Message-ID: <F4AB223D-F5F6-4B52-9D6C-6B042990EFFC@intel.com>
References: <1475109500-13024-1-git-send-email-michael.d.kinney@intel.com>
 <734D49CCEBEEF84792F5B80ED585239D58E0D0FA@SHSMSX104.ccr.corp.intel.com>,
 <E92EE9817A31E24EB0585FDF735412F56481EC72@ORSMSX113.amr.corp.intel.com>
In-Reply-To: <E92EE9817A31E24EB0585FDF735412F56481EC72@ORSMSX113.amr.corp.intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
MIME-Version: 1.0
Subject: Re: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writing disk
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Oct 2016 18:24:38 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Jaben Carsey <Jaben.carsey@intel.com>


> -----Original Message-----
> From: Ni, Ruiyu=20
> Sent: Wednesday, September 28, 2016 7:52 PM
> To: Kinney, Michael D <michael.d.kinney@intel.com>; edk2-devel@lists.01.o=
rg
> Cc: Carsey, Jaben <jaben.carsey@intel.com>
> Subject: RE: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writi=
ng disk
>=20
> I agree to use the same style of code as what the other functions do.
>=20
> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
>> -----Original Message-----
>> From: Kinney, Michael D
>> Sent: Thursday, September 29, 2016 8:38 AM
>> To: edk2-devel@lists.01.org
>> Cc: Carsey, Jaben <jaben.carsey@intel.com>; Ni, Ruiyu <ruiyu.ni@intel.co=
m>
>> Subject: [Patch] ShellPkg/Hexedit: Fix FreePool() ASSERT() when writing =
disk
>>=20
>> The HDiskImageSave() function copies a device path using
>> DuplicateDevicePath() and passes that device path to
>> gBS->LocateDevicePath() that changes the value of the
>> device path pointer.  When FreePool() is called with the
>> modified device path pointer, the FreePool() service
>> generates an ASSERT() because the signature for the pool
>> head can not be found.
>>=20
>> The function HDiskImageRead() immediately above
>> HDiskImageSave() has the correct algorithm that uses an
>> additional local variable called DupDevicePathForFree to
>> preserve the pointer to the allocated buffer so it can
>> be used in the call to FreePool().
>>=20
>> Bug: <https://bugzilla.tianocore.org/show_bug.cgi?id=3D131>
>>=20
>> Cc: Jaben Carsey <jaben.carsey@intel.com>
>> Cc: Ruiyu Ni <ruiyu.ni@intel.com>
>> Contributed-under: TianoCore Contribution Agreement 1.0
>> Signed-off-by: Michael Kinney <michael.d.kinney@intel.com>
>> ---
>> ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c | 4 +++-
>> 1 file changed, 3 insertions(+), 1 deletion(-)
>>=20
>> diff --git a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskIma=
ge.c
>> b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c
>> index a50b52f..bc74a4f 100644
>> --- a/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c
>> +++ b/ShellPkg/Library/UefiShellDebug1CommandsLib/HexEdit/DiskImage.c
>> @@ -343,6 +343,7 @@ HDiskImageSave (
>>=20
>>  CONST EFI_DEVICE_PATH_PROTOCOL  *DevicePath;
>>  EFI_DEVICE_PATH_PROTOCOL        *DupDevicePath;
>> +  EFI_DEVICE_PATH_PROTOCOL        *DupDevicePathForFree;
>>  EFI_BLOCK_IO_PROTOCOL           *BlkIo;
>>  EFI_STATUS                      Status;
>>  EFI_HANDLE                      Handle;
>> @@ -364,12 +365,13 @@ HDiskImageSave (
>>    return EFI_INVALID_PARAMETER;
>>  }
>>  DupDevicePath =3D DuplicateDevicePath(DevicePath);
>> +  DupDevicePathForFree =3D DupDevicePath;
>>=20
>>  //
>>  // get blkio interface
>>  //
>>  Status =3D gBS->LocateDevicePath(&gEfiBlockIoProtocolGuid,&DupDevicePat=
h,&Handle);
>> -  FreePool(DupDevicePath);
>> +  FreePool(DupDevicePathForFree);
>>  if (EFI_ERROR (Status)) {
>> //    StatusBarSetStatusString (L"Read Disk Failed");
>>    return Status;
>> --
>> 2.6.3.windows.1
>=20