From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <bounce+27952+111158+7686176+12367111@groups.io>
Received: from mail02.groups.io (mail02.groups.io [66.175.222.108])
	by spool.mail.gandi.net (Postfix) with ESMTPS id 84B46740037
	for <rebecca@openfw.io>; Mon, 13 Nov 2023 14:59:25 +0000 (UTC)
DKIM-Signature: a=rsa-sha256; bh=gdtvMRbjIaNUvJFrg/hMfwVUO0MkHVyqMNFw+wwyblA=;
 c=relaxed/simple; d=groups.io;
 h=Message-ID:Date:MIME-Version:Subject:To:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding;
 s=20140610; t=1699887564; v=1;
 b=S2KKdMuwJjkS/JfDDU8ZfpTFlcSQ3yAY1vaLNfRjGv8w8tLW+26C8iw/BlzT2lwkWJNjrOi1
 s24JT6hZEck80lEz+K/FkwaRrpolTs06efI02feRGqCkRV2oAxxxFcIK4DxzFLZ5mb+Zfv0qhlO
 2xtzNiFKU++IYaUA2ylkl9A8=
X-Received: by 127.0.0.2 with SMTP id bO2zYY7687511xq1JTUbfk4M; Mon, 13 Nov 2023 06:59:24 -0800
X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124])
 by mx.groups.io with SMTP id smtpd.web10.38731.1699887563552735202
 for <devel@edk2.groups.io>;
 Mon, 13 Nov 2023 06:59:23 -0800
X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com
 [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS
 (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id
 us-mta-588-lxfDiYvKN0eh6ajB1P8sFQ-1; Mon, 13 Nov 2023 09:59:21 -0500
X-MC-Unique: lxfDiYvKN0eh6ajB1P8sFQ-1
X-Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
	(No client certificate requested)
	by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 10CEA89C67F;
	Mon, 13 Nov 2023 14:59:21 +0000 (UTC)
X-Received: from [10.39.192.220] (unknown [10.39.192.220])
	by smtp.corp.redhat.com (Postfix) with ESMTPS id 4F96F2166B26;
	Mon, 13 Nov 2023 14:59:20 +0000 (UTC)
Message-ID: <cc5c75bd-c2e7-10ff-7bc4-c52618036ac9@redhat.com>
Date: Mon, 13 Nov 2023 15:59:19 +0100
MIME-Version: 1.0
Subject: Re: [edk2-devel] [PATCH v1 1/1] Bug 2861 - HiiDatabaseDxe, ConfigRouting.c, GetElementsFromRequest incorrect error handling.
To: devel@edk2.groups.io, chip.programmer@att.net
References: <62690423D2A24D1DBB82CD22AE44EADE.ref@DESKTOPQUG2G9K>
 <62690423D2A24D1DBB82CD22AE44EADE@DESKTOPQUG2G9K>
From: "Laszlo Ersek" <lersek@redhat.com>
In-Reply-To: <62690423D2A24D1DBB82CD22AE44EADE@DESKTOPQUG2G9K>
X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.6
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
Precedence: Bulk
List-Subscribe: <mailto:devel+subscribe@edk2.groups.io>
List-Help: <mailto:devel+help@edk2.groups.io>
Sender: devel@edk2.groups.io
List-Id: <devel.edk2.groups.io>
Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io
Reply-To: devel@edk2.groups.io,lersek@redhat.com
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Unsubscribe: <https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/plugh>
X-Gm-Message-State: RE586HlGzpICQ5m64jdbUXAXx7686176AA=
Content-Language: en-US
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
X-GND-Status: LEGIT
Authentication-Results: spool.mail.gandi.net;
	dkim=pass header.d=groups.io header.s=20140610 header.b=S2KKdMuw;
	dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none);
	spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io

Hi Charles,

On 10/26/23 03:05, Charles Hyde wrote:
> From: Charles Hyde <chip.programmer@att.net>
> 
> BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2861
> 
> I believe the attached ConfigRouting.txt patch will resolve bug 2861, plus
> resolve an uninitialized pointer issue in HiiConfigRoutingExportConfig().
> The uninitialized pointer was identified when running the EDK2 Self
> Certification Test with all tests selected, having caused the CPU to issue
> an exception error (most times) or completely trashed the system
> (sometimes).
> 
> I found a second instance of GetElementsFromRequest(), located in HiiLib.c,
> that also needed an update.  The attached patch should address this bug and
> more.
> 
> Signed-off-by: Charles Hyde <chip.programmer@att.net>
> ---

Thanks for analyzing and fixing these bugs.

Can you please split the separate fixes to separate patches?

Also, the patch looks garbled; it shouldn't be attached / pasted but
sent with git-send-email. Are you familiar with git-send-email?

Here's the official docs:

https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Development-Process

and some unofficial tips:

https://github.com/tianocore/tianocore.github.io/wiki/Laszlo's-unkempt-git-guide-for-edk2-contributors-and-maintainers

Third, I suggest not to comment out, with /* */, dead code (such as a
subcondition that always evaluates to false or true); instead, remove
it, and explain in the commit message (or, if necessary, in a code
comment) why that condition is a tautology. If the condition or argument
is nontrivial, consider using an ASSERT().

Laszlo


> 
> diff --git a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
> b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
> index 63a37ab59a..c3dc7bf558 100644
> --- a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
> +++ b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
> @@ -2272,8 +2272,14 @@ GetElementsFromRequest (
> {
>   EFI_STRING  TmpRequest;
> 
> +  ASSERT (ConfigRequest != NULL);
> +  if (ConfigRequest == NULL)
> +    return FALSE;
> +
>   TmpRequest = StrStr (ConfigRequest, L"PATH=");
>   ASSERT (TmpRequest != NULL);
> +  if (TmpRequest == NULL)
> +    return FALSE;
> 
>   if ((StrStr (TmpRequest, L"&OFFSET=") != NULL) || (StrStr (TmpRequest,
> L"&") != NULL)) {
>     return TRUE;
> diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
> b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
> index 5ae6189a28..0b39f156f3 100644
> --- a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
> +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
> @@ -420,14 +420,19 @@ AppendToMultiString (
>   }
> 
>   AppendStringSize = StrSize (AppendString);
> +  if (AppendStringSize <= sizeof(*AppendString))    // If the string is
> empty, there is no need to proceed further.
> +    return EFI_SUCCESS;
> +
>   MultiStringSize  = StrSize (*MultiString);
>   MaxLen           = MAX_STRING_LENGTH / sizeof (CHAR16);
> 
>   //
>   // Enlarge the buffer each time when length exceeds MAX_STRING_LENGTH.
>   //
> -  if ((MultiStringSize + AppendStringSize > MAX_STRING_LENGTH) ||
> -      (MultiStringSize > MAX_STRING_LENGTH))
> +  if ((MultiStringSize + AppendStringSize > MAX_STRING_LENGTH) /*||
> +      (MultiStringSize > MAX_STRING_LENGTH)*/)  // There is no need to
> check the second part.
> +                                                // If the first part is
> false, the second part will always be false.
> +                                                // If the second part is
> true, the first part must also be true.
>   {
>     *MultiString = (EFI_STRING)ReallocatePool (
>                                  MultiStringSize,
> @@ -1800,8 +1805,14 @@ GetElementsFromRequest (
> {
>   EFI_STRING  TmpRequest;
> 
> +  ASSERT (ConfigRequest != NULL);
> +  if (ConfigRequest == NULL)
> +    return FALSE;
> +
>   TmpRequest = StrStr (ConfigRequest, L"PATH=");
>   ASSERT (TmpRequest != NULL);
> +  if (TmpRequest == NULL)
> +    return FALSE;
> 
>   if ((StrStr (TmpRequest, L"&OFFSET=") != NULL) || (StrStr (TmpRequest,
> L"&") != NULL)) {
>     return TRUE;
> @@ -5292,6 +5303,7 @@ HiiConfigRoutingExportConfig (
>     //
>     IfrDataParsedFlag = FALSE;
>     Progress          = NULL;
> +    AccessResults     = NULL;
>     HiiHandle         = NULL;
>     DefaultResults    = NULL;
>     Database          = NULL;
> @@ -5326,6 +5338,14 @@ HiiConfigRoutingExportConfig (
>                              &AccessResults
>                              );
>     if (EFI_ERROR (Status)) {
> +
> +      // If an error was returned, then do not believe any results in
> these
> two pointers.
> +      Progress = NULL;
> +      if (AccessResults) {
> +        FreePool (AccessResults);
> +        AccessResults = NULL;
> +      }
> +
>       //
>       // Update AccessResults by getting default setting from IFR when
> HiiPackage is registered to HiiHandle
>       //
> @@ -5350,6 +5370,17 @@ HiiConfigRoutingExportConfig (
>     }
> 
>     if (!EFI_ERROR (Status)) {
> +
> +      // If AccessResults == NULL, there is nothing to be done.
> +      if (AccessResults == NULL) {
> +        Progress = NULL;
> +
> +        if (ConfigRequest != NULL)
> +          FreePool (ConfigRequest);
> +
> +        continue;
> +      }
> +
>       //
>       // Update AccessResults by getting default setting from IFR when
> HiiPackage is registered to HiiHandle
>       //
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#111158): https://edk2.groups.io/g/devel/message/111158
Mute This Topic: https://groups.io/mt/102191640/7686176
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io]
-=-=-=-=-=-=-=-=-=-=-=-