From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from us-smtp-delivery-162.mimecast.com (us-smtp-delivery-162.mimecast.com [170.10.133.162]) by mx.groups.io with SMTP id smtpd.web11.6707.1637803712218386699 for ; Wed, 24 Nov 2021 17:28:33 -0800 Authentication-Results: mx.groups.io; dkim=pass header.i=@hp.com header.s=mimecast20180716 header.b=FacegMJB; spf=pass (domain: hp.com, ip: 170.10.133.162, mailfrom: anbazhagan@hp.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hp.com; s=mimecast20180716; t=1637803710; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=OEzop4h1IikNyH8RMcnC5KHG3oF0lXtjLD6iOSgRdS8=; b=FacegMJBZDTg9dCNz0mO176qeSrTTwmI5Caq8ysJRCoojOJacaf9WQ9Ujzu/dx0XLBpVg+ wAyElUhAKOdHtYsWfH1k3YtQpBp2GDHztVzqobAbw9zqO5b9mcTMRB6UtamVabpe08QklB BoghlP4X5b/ra8rCPlQ4Awxc+NaF+eI= Received: from NAM12-MW2-obe.outbound.protection.outlook.com (mail-mw2nam12lp2045.outbound.protection.outlook.com [104.47.66.45]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-268-4NQxzH91N8aO8_37TY9esg-1; Wed, 24 Nov 2021 20:28:29 -0500 X-MC-Unique: 4NQxzH91N8aO8_37TY9esg-1 Received: from TU4PR8401MB0654.NAMPRD84.PROD.OUTLOOK.COM (2a01:111:e400:770d::20) by TU4PR8401MB0957.NAMPRD84.PROD.OUTLOOK.COM (2a01:111:e400:7711::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4713.22; Thu, 25 Nov 2021 01:28:27 +0000 Received: from TU4PR8401MB0654.NAMPRD84.PROD.OUTLOOK.COM ([fe80::cc4f:543d:40b9:611]) by TU4PR8401MB0654.NAMPRD84.PROD.OUTLOOK.COM ([fe80::cc4f:543d:40b9:611%7]) with mapi id 15.20.4713.026; Thu, 25 Nov 2021 01:28:27 +0000 From: "Anbazhagan, Baraneedharan" To: "devel@edk2.groups.io" CC: "maciej.rabeda@linux.intel.com" , "jiaxin.wu@intel.com" , "siyuan.fu@intel.com" Subject: Re: NetworkPkg: Fix invalid pointer for DNS response token on error Thread-Topic: NetworkPkg: Fix invalid pointer for DNS response token on error Thread-Index: AdfhmcEmoxR4GHdXTCeTllKNVGBF5QAAe/pg Date: Thu, 25 Nov 2021 01:28:27 +0000 Message-ID: References: In-Reply-To: Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-bromium-msgid: 6c0d882a-54a5-4fb0-b2a5-5b0753c5fe4a x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: 1561fafd-b12a-4d4e-163b-08d9afb2e1f1 x-ms-traffictypediagnostic: TU4PR8401MB0957: x-microsoft-antispam-prvs: x-ms-oob-tlc-oobclassifiers: OLM:1468 x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0 x-microsoft-antispam-message-info: eXUpX04qBcj+JPVbs14ti+MWJe1BUIjSlcTB9fmx/OzrLTiOHRUBHFoQgkoHSJIrt8O/KAbuV11DEUGZo6wURnmnHvQJd92DSTCvIt7xGXT9pmG3BNGOz6HQuVo/AzJkkp5ANvjQcp3z1nIhLU6u5R8RsUyBwJZzo1Nng0YO8WOmZ790Tp9BnTZPjD7760vJUtT2/a5o9WCqkjjl/euGTK6SY3wbUagea+iKtQUUgXoZsk6QVsGzwH1+a5HFiFz8ipeIGbYKrvmoMEk3xiJvbHWrq2KgdPgJo/muFPmISKzTsL7TQD7KFW3BA5drg91IwhLOk8rf+Qu5kDYqunTS1bHNpmNia07UUE6wSpM2ULlmd3WEhP2HcsCABvXd4B6tEQ71rOFYXbXfKzAgw7nsUNf+mlxUBqtrwRTXblrRGRgzMg9NaAUR1wXhcmZyHwoQT2WhGk0QK0jwXIsryDlm0AgldNiRJOV8fGJ//Abcp1kTr2bIdHGvx9wI0rVJd8RSmC+CCV00XpL0zU3fwU7sYfl8agZ4kLjS1eaEvn8N86LxffHS9EcyTPCZGZfUYNgc+tFhENMYbZyF2I8srKUeYy3YJ1Ey9j+zw6gjYhVfmpwQeIk62BVLK3QHdsXo1ydS7lkMzNrtTCyOS98M8CoPiMQpFLePCM2R8AR+zEkdf+40JwY82eU2JobgFNlLHgM0UOPeIPM73yV36c39Q+H/2ikLGM1uJSONluIjt5P6jral/pyJPDMPhI9rjVao8yinnvVFhLmmGGihj2YPeSGNwvoQfn1g9T4jkXo5Koz4SdU= x-forefront-antispam-report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:TU4PR8401MB0654.NAMPRD84.PROD.OUTLOOK.COM;PTR:;CAT:NONE;SFS:(366004)(7696005)(2906002)(26005)(82960400001)(166002)(316002)(966005)(8676002)(71200400001)(122000001)(2940100002)(33656002)(4744005)(5660300002)(55016003)(86362001)(186003)(4326008)(6916009)(9686003)(508600001)(66946007)(38070700005)(6506007)(66446008)(66556008)(64756008)(38100700002)(76116006)(54906003)(52536014)(8936002)(66476007);DIR:OUT;SFP:1102 x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?HX2wemZAHTFajExNY+Kp8wx5ZdEIFeBZVxfh0XHr4UR2tDvQmeUosjkUz76U?= =?us-ascii?Q?51bJzHicZGC1B5oa5UhQeUrFdscV27C1fFRjn+3qblEOGhaqkeRxtrb47umJ?= =?us-ascii?Q?mH8yPqQ7DQG0c1R93ysn9gc9O7sWoFDgobJV2zGue9AU9DA51KOPNW6RAq8q?= =?us-ascii?Q?GAKg3Yk+iGtnCTDG6xdrcT1gHHqYgt5XCb2IuOZIsXwlTN0obbiSqdzLOSU3?= =?us-ascii?Q?9BUSY8rSPKzdEFSKnbMCTHQ7FOt3cWc4FaOdCt8YuL7ST/m4YEi3fiFHeYyL?= =?us-ascii?Q?q5l1xs75uQYMohF9NnYsK2W95GLY6lKbkmQxeKXIAPvq7ZgOB5g/dhA5Tc1i?= =?us-ascii?Q?5+mmS/EsugXjzJgi5Xh1a9LnkTV5ZVoYhGomKqBsC9CZd8oe8XMUhbxVnQ3s?= =?us-ascii?Q?6xuhzXPRSMoIDHsxquMy0KkInZt05HRW1uKodgCu+rJwhrTJ7+IpL/1rflLA?= =?us-ascii?Q?qlIO8b+snDmn1pBmO2Ag78+ycPWdUfAbMua6aZaVA7IvKolxJ8WGh6ewBU5X?= =?us-ascii?Q?QoiuyeVYyIrU8HMqbsNqbpd2DuRY1ec4yK9Jx97b0iuX0nhtdgNKpT6nAcz+?= =?us-ascii?Q?nT7akCmsthgLcIr/GCHBQiRTcUh0c7CqfCXJIE0pjvuj62vVUs/TgrA5udk/?= =?us-ascii?Q?ZQQM4ttiP5UfdycJwAYKOZ21k8sZ1S6dVZqnsFU20cFajpeWZoOWG+51k3rA?= =?us-ascii?Q?39MMQIgYGKlCuax2wnNNqVYohYUne17qhsK6xh6VcBVgdJKVeBMyWTBv9IDp?= =?us-ascii?Q?PYZk5/dHquL95r99l/Ikd1B3Hc94drsHmhJQhjCdvKu843q+ncWdfRnizDoz?= =?us-ascii?Q?GJ+5VSjPWny+ktwkUYG3bg/O7S+woHCQbKK8r+GITVgeqkpFBM64j3xyzG18?= =?us-ascii?Q?UiMKrxPL1vbaTvNS8DlgLadt1GUnez0FWxfIOtNBnmlH9sft/+nc6Lj765NR?= =?us-ascii?Q?D1y/5SYQAxP1neusEmAcJmMQxhfyQJ4WWOkhC6AQT0z6VQEyHYRBHbVRstDI?= =?us-ascii?Q?n5byLKE9Omd2ihWCodNiyQyxEBJxYRbekrQmJvTLnDRGKLkrBzrEWakzj3NY?= =?us-ascii?Q?Qdf8poaoMmuUllmiVuIWRSCr27/KxtADnZIgHQEtMFb9+MOv0CLJ+dLY5ZVv?= =?us-ascii?Q?Q4adoTAEJIuR3S2t+FTEadnMUECDuVPW409j/S0N+3jjls2L0PNvvC0qSA2Q?= =?us-ascii?Q?p5sb9Lkoes+mnD9kVxWUzsUPbrWMU+NAqy8jSYTwfg1cN2kvN1fqqS3Mk67O?= =?us-ascii?Q?Roa+4szoFA7aifZh/btOY3GCchKxhVGiK3PBKGx7mulwCy/mATiAA9M87WOI?= =?us-ascii?Q?xBj5dShuW9gZAQn/299JcmBI0gXnwWxTo3YyprFVusxmKx+Kvin8CAKOjsxt?= =?us-ascii?Q?pCjhZkB6dQtRiI8R9lxLtvn+NRBcV/lN6a60n5I9S7yCc5oqAL6aYqRoXEGu?= =?us-ascii?Q?nqTXrRI/tCu/NdFKqVLF4rQC9DTXSHrO1f3SQlspiteaw2IjD85ivDDbsk2U?= =?us-ascii?Q?DuMzTXPZt0Ymrgkx98Miip8NEb3A/1/XWxpXFGFLkG6/G4q8dlYTK6+NPq/i?= =?us-ascii?Q?EeGRhD9EBDArNjqOnezuf7X4VOy4uL7LMryDzjsJHbXMGhPfHpuPLxa7HP8X?= =?us-ascii?Q?Cw=3D=3D?= MIME-Version: 1.0 X-OriginatorOrg: hp.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: TU4PR8401MB0654.NAMPRD84.PROD.OUTLOOK.COM X-MS-Exchange-CrossTenant-Network-Message-Id: 1561fafd-b12a-4d4e-163b-08d9afb2e1f1 X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Nov 2021 01:28:27.7689 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: ca7981a2-785a-463d-b82a-3db87dfc3ce6 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: O7foAc1qZMCUAg1dHMxIbTVpye9deeivLYZw9SmEZdTEn+wNRULiCEk4r++iit2Q0Txh4kMh3ll7ZdioxEHaEg== X-MS-Exchange-Transport-CrossTenantHeadersStamped: TU4PR8401MB0957 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA62A171 smtp.mailfrom=anbazhagan@hp.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: hp.com Content-Language: en-US Content-Type: multipart/alternative; boundary="_000_TU4PR8401MB06545ECA2B707E56362F709FBA629TU4PR8401MB0654_" --_000_TU4PR8401MB06545ECA2B707E56362F709FBA629TU4PR8401MB0654_ Content-Type: text/plain; charset=WINDOWS-1252 Content-Transfer-Encoding: quoted-printable Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3719 Token->RspData.H2AData is de-allocated on error but it is not set to NULL. HTTP module attempts to free again and cause assert. Signed-off-by: Baraneedharan Anbazhagan anbazhagan@hp.com --- NetworkPkg/DnsDxe/DnsImpl.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPkg/DnsDxe/DnsImpl.c index 2edcb280ac..78a56f2b56 100644 --- a/NetworkPkg/DnsDxe/DnsImpl.c +++ b/NetworkPkg/DnsDxe/DnsImpl.c @@ -1700,6 +1700,7 @@ ON_EXIT: } FreePool (Dns4TokenEntry->Token->RspData.H2AData); + Dns4TokenEntry->Token->RspData.H2AData =3D NULL; } } } @@ -1731,6 +1732,7 @@ ON_EXIT: } FreePool (Dns6TokenEntry->Token->RspData.H2AData); + Dns6TokenEntry->Token->RspData.H2AData =3D NULL; } } } -- 2.33.0.windows.2 --_000_TU4PR8401MB06545ECA2B707E56362F709FBA629TU4PR8401MB0654_ Content-Type: text/html; charset=WINDOWS-1252 Content-Transfer-Encoding: quoted-printable

Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3719

 

Token->RspData.H2AData is de-allocated on error b= ut it is not

set to NULL. HTTP module attempts to free again and = cause assert.

 

Signed-off-by: Baraneedharan Anbazhagan anbazhagan@hp.com

---

NetworkPkg/DnsDxe/DnsImpl.c | 2 ++

1 file changed, 2 insertions(+)

 

diff --git a/NetworkPkg/DnsDxe/DnsImpl.c b/NetworkPk= g/DnsDxe/DnsImpl.c

index 2edcb280ac..78a56f2b56 100644

--- a/NetworkPkg/DnsDxe/DnsImpl.c

+++ b/NetworkPkg/DnsDxe/DnsImpl.c

@@ -1700,6 +1700,7 @@ ON_EXIT:

        &nbs= p;  }

 

        &nbs= p;  FreePool (Dns4TokenEntry->Token->RspData.H2AData);=

+        &nb= sp; Dns4TokenEntry->Token->RspData.H2AData =3D NULL;

         }

       }

     }

@@ -1731,6 +1732,7 @@ ON_EXIT:

        &nbs= p;  }

 

        &nbs= p;  FreePool (Dns6TokenEntry->Token->RspData.H2AData);=

+        &nb= sp; Dns6TokenEntry->Token->RspData.H2AData =3D NULL;

         }

       }

     }

--

2.33.0.windows.2

 

--_000_TU4PR8401MB06545ECA2B707E56362F709FBA629TU4PR8401MB0654_--