From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 84B46740037 for ; Mon, 13 Nov 2023 14:59:25 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=gdtvMRbjIaNUvJFrg/hMfwVUO0MkHVyqMNFw+wwyblA=; c=relaxed/simple; d=groups.io; h=Message-ID:Date:MIME-Version:Subject:To:References:From:In-Reply-To:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Language:Content-Type:Content-Transfer-Encoding; s=20140610; t=1699887564; v=1; b=S2KKdMuwJjkS/JfDDU8ZfpTFlcSQ3yAY1vaLNfRjGv8w8tLW+26C8iw/BlzT2lwkWJNjrOi1 s24JT6hZEck80lEz+K/FkwaRrpolTs06efI02feRGqCkRV2oAxxxFcIK4DxzFLZ5mb+Zfv0qhlO 2xtzNiFKU++IYaUA2ylkl9A8= X-Received: by 127.0.0.2 with SMTP id bO2zYY7687511xq1JTUbfk4M; Mon, 13 Nov 2023 06:59:24 -0800 X-Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by mx.groups.io with SMTP id smtpd.web10.38731.1699887563552735202 for ; Mon, 13 Nov 2023 06:59:23 -0800 X-Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-588-lxfDiYvKN0eh6ajB1P8sFQ-1; Mon, 13 Nov 2023 09:59:21 -0500 X-MC-Unique: lxfDiYvKN0eh6ajB1P8sFQ-1 X-Received: from smtp.corp.redhat.com (int-mx06.intmail.prod.int.rdu2.redhat.com [10.11.54.6]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 10CEA89C67F; Mon, 13 Nov 2023 14:59:21 +0000 (UTC) X-Received: from [10.39.192.220] (unknown [10.39.192.220]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4F96F2166B26; Mon, 13 Nov 2023 14:59:20 +0000 (UTC) Message-ID: Date: Mon, 13 Nov 2023 15:59:19 +0100 MIME-Version: 1.0 Subject: Re: [edk2-devel] [PATCH v1 1/1] Bug 2861 - HiiDatabaseDxe, ConfigRouting.c, GetElementsFromRequest incorrect error handling. To: devel@edk2.groups.io, chip.programmer@att.net References: <62690423D2A24D1DBB82CD22AE44EADE.ref@DESKTOPQUG2G9K> <62690423D2A24D1DBB82CD22AE44EADE@DESKTOPQUG2G9K> From: "Laszlo Ersek" In-Reply-To: <62690423D2A24D1DBB82CD22AE44EADE@DESKTOPQUG2G9K> X-Scanned-By: MIMEDefang 3.4.1 on 10.11.54.6 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,lersek@redhat.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: X-Gm-Message-State: RE586HlGzpICQ5m64jdbUXAXx7686176AA= Content-Language: en-US Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=S2KKdMuw; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=redhat.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io Hi Charles, On 10/26/23 03:05, Charles Hyde wrote: > From: Charles Hyde > > BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2861 > > I believe the attached ConfigRouting.txt patch will resolve bug 2861, plus > resolve an uninitialized pointer issue in HiiConfigRoutingExportConfig(). > The uninitialized pointer was identified when running the EDK2 Self > Certification Test with all tests selected, having caused the CPU to issue > an exception error (most times) or completely trashed the system > (sometimes). > > I found a second instance of GetElementsFromRequest(), located in HiiLib.c, > that also needed an update.  The attached patch should address this bug and > more. > > Signed-off-by: Charles Hyde > --- Thanks for analyzing and fixing these bugs. Can you please split the separate fixes to separate patches? Also, the patch looks garbled; it shouldn't be attached / pasted but sent with git-send-email. Are you familiar with git-send-email? Here's the official docs: https://github.com/tianocore/tianocore.github.io/wiki/EDK-II-Development-Process and some unofficial tips: https://github.com/tianocore/tianocore.github.io/wiki/Laszlo's-unkempt-git-guide-for-edk2-contributors-and-maintainers Third, I suggest not to comment out, with /* */, dead code (such as a subcondition that always evaluates to false or true); instead, remove it, and explain in the commit message (or, if necessary, in a code comment) why that condition is a tautology. If the condition or argument is nontrivial, consider using an ASSERT(). Laszlo > > diff --git a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c > b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c > index 63a37ab59a..c3dc7bf558 100644 > --- a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c > +++ b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c > @@ -2272,8 +2272,14 @@ GetElementsFromRequest ( > { >   EFI_STRING  TmpRequest; > > +  ASSERT (ConfigRequest != NULL); > +  if (ConfigRequest == NULL) > +    return FALSE; > + >   TmpRequest = StrStr (ConfigRequest, L"PATH="); >   ASSERT (TmpRequest != NULL); > +  if (TmpRequest == NULL) > +    return FALSE; > >   if ((StrStr (TmpRequest, L"&OFFSET=") != NULL) || (StrStr (TmpRequest, > L"&") != NULL)) { >     return TRUE; > diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > index 5ae6189a28..0b39f156f3 100644 > --- a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > @@ -420,14 +420,19 @@ AppendToMultiString ( >   } > >   AppendStringSize = StrSize (AppendString); > +  if (AppendStringSize <= sizeof(*AppendString))    // If the string is > empty, there is no need to proceed further. > +    return EFI_SUCCESS; > + >   MultiStringSize  = StrSize (*MultiString); >   MaxLen           = MAX_STRING_LENGTH / sizeof (CHAR16); > >   // >   // Enlarge the buffer each time when length exceeds MAX_STRING_LENGTH. >   // > -  if ((MultiStringSize + AppendStringSize > MAX_STRING_LENGTH) || > -      (MultiStringSize > MAX_STRING_LENGTH)) > +  if ((MultiStringSize + AppendStringSize > MAX_STRING_LENGTH) /*|| > +      (MultiStringSize > MAX_STRING_LENGTH)*/)  // There is no need to > check the second part. > +                                                // If the first part is > false, the second part will always be false. > +                                                // If the second part is > true, the first part must also be true. >   { >     *MultiString = (EFI_STRING)ReallocatePool ( >                                  MultiStringSize, > @@ -1800,8 +1805,14 @@ GetElementsFromRequest ( > { >   EFI_STRING  TmpRequest; > > +  ASSERT (ConfigRequest != NULL); > +  if (ConfigRequest == NULL) > +    return FALSE; > + >   TmpRequest = StrStr (ConfigRequest, L"PATH="); >   ASSERT (TmpRequest != NULL); > +  if (TmpRequest == NULL) > +    return FALSE; > >   if ((StrStr (TmpRequest, L"&OFFSET=") != NULL) || (StrStr (TmpRequest, > L"&") != NULL)) { >     return TRUE; > @@ -5292,6 +5303,7 @@ HiiConfigRoutingExportConfig ( >     // >     IfrDataParsedFlag = FALSE; >     Progress          = NULL; > +    AccessResults     = NULL; >     HiiHandle         = NULL; >     DefaultResults    = NULL; >     Database          = NULL; > @@ -5326,6 +5338,14 @@ HiiConfigRoutingExportConfig ( >                              &AccessResults >                              ); >     if (EFI_ERROR (Status)) { > + > +      // If an error was returned, then do not believe any results in > these > two pointers. > +      Progress = NULL; > +      if (AccessResults) { > +        FreePool (AccessResults); > +        AccessResults = NULL; > +      } > + >       // >       // Update AccessResults by getting default setting from IFR when > HiiPackage is registered to HiiHandle >       // > @@ -5350,6 +5370,17 @@ HiiConfigRoutingExportConfig ( >     } > >     if (!EFI_ERROR (Status)) { > + > +      // If AccessResults == NULL, there is nothing to be done. > +      if (AccessResults == NULL) { > +        Progress = NULL; > + > +        if (ConfigRequest != NULL) > +          FreePool (ConfigRequest); > + > +        continue; > +      } > + >       // >       // Update AccessResults by getting default setting from IFR when > HiiPackage is registered to HiiHandle >       // > > > > > -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#111158): https://edk2.groups.io/g/devel/message/111158 Mute This Topic: https://groups.io/mt/102191640/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/leave/12367111/7686176/1913456212/xyzzy [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-