From mboxrd@z Thu Jan 1 00:00:00 1970 Subject: [PATCH] MdeModulePkg/Bus/Usb/UsbMouseDxe: Fix REVERSE_INULL Coverity issue To: devel@edk2.groups.io From: "Ranbir Singh" X-Originating-Location: Bengaluru, Karnataka, IN (122.172.85.38) X-Originating-Platform: Windows Chrome 108 User-Agent: GROUPS.IO Web Poster MIME-Version: 1.0 Date: Wed, 04 Jan 2023 00:57:06 -0800 Message-ID: Content-Type: multipart/alternative; boundary="INpb7n5XViOJBZai5M69" --INpb7n5XViOJBZai5M69 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable The function USBMouseDriverBindingStart do have ASSERT (UsbMouseDevice !=3D NULL); after AllocateZeroPool, but it is applicable only in DEBUG mode. In RELEASE mode, the code proceeds to dereference "UsbMouseDevice" which will lead to CRASH. Hence, for safety add NULL pointer checks always. The ASSERT may be retained or it may be deleted whatever is deemed more appropriate. REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4222 Signed-off-by: Ranbir Singh --- MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c b/MdeModulePkg/Bus= /Usb/UsbMouseDxe/UsbMouse.c index 451d4b934f..621d09713b 100644 --- a/MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c +++ b/MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c @@ -161,6 +161,10 @@ USBMouseDriverBindingStart ( UsbMouseDevice =3D AllocateZeroPool (sizeof (USB_MOUSE_DEV)); ASSERT (UsbMouseDevice !=3D NULL); +=C2=A0 if (UsbMouseDevice =3D=3D NULL) { +=C2=A0 =C2=A0 Status =3D EFI_OUT_OF_RESOURCES; +=C2=A0 =C2=A0 goto ErrorExit; +=C2=A0 } UsbMouseDevice->UsbIo=C2=A0 =C2=A0 =C2=A0=3D UsbIo; UsbMouseDevice->Signature =3D USB_MOUSE_DEV_SIGNATURE; -- 2.36.1.windows.1 --INpb7n5XViOJBZai5M69 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable
The function USBMouseDriverBindingStart do have
 
    ASSERT (UsbMouseDevice !=3D NULL);
 
after AllocateZeroPool, but it is applicable only in DEBUG mode.
In RELEASE mode, the code proceeds to dereference "UsbMouseDevice"
which will lead to CRASH.
 
Hence, for safety add NULL pointer checks always. The ASSERT may be
retained or it may be deleted whatever is deemed more appropriate.
 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D4222
Signed-off-by: Ranbir Singh <Ranbir.Singh3@Dell.com>
---
 MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c | 4 ++++
 1 file changed, 4 insertions(+)
 
diff --git a/MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c b/MdeModulePk= g/Bus/Usb/UsbMouseDxe/UsbMouse.c
index 451d4b934f..621d09713b 100644
--- a/MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c
+++ b/MdeModulePkg/Bus/Usb/UsbMouseDxe/UsbMouse.c
@@ -161,6 +161,10 @@ USBMouseDriverBindingStart (
 
   UsbMouseDevice =3D AllocateZeroPool (sizeof (USB_MOUSE_DE= V));
   ASSERT (UsbMouseDevice !=3D NULL);
+  if (UsbMouseDevice =3D=3D NULL) {
+    Status =3D EFI_OUT_OF_RESOURCES;
+    goto ErrorExit;
+  }
 
   UsbMouseDevice->UsbIo     =3D UsbIo;
   UsbMouseDevice->Signature =3D USB_MOUSE_DEV_SIGNATURE;=
--
2.36.1.windows.1
--INpb7n5XViOJBZai5M69--