Re: [edk2-devel] [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference

Sun, 20 Oct 2019 20:12:36 -0700 

Reviewed-by: Liming Gao <liming....@intel.com>

>-----Original Message-----
>From: Marvin Häuser [mailto:marvin.haeu...@outlook.com]
>Sent: Sunday, October 20, 2019 8:09 PM
>To: devel@edk2.groups.io
>Cc: vit9...@protonmail.com; Kinney, Michael D
><michael.d.kin...@intel.com>; Gao, Liming <liming....@intel.com>
>Subject: [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference
>
>From: Marvin Haeuser <mhaeu...@outlook.de>
>
>REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2293
>
>Move the NULL check in FileHandleGetInfo() to directly after the
>allocation to prevent potential NULL dereferences.
>
>Cc: Michael D Kinney <michael.d.kin...@intel.com>
>Cc: Liming Gao <liming....@intel.com>
>Signed-off-by: Marvin Haeuser <mhaeu...@outlook.de>
>---
> MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 28 +++++++++++----
>-----
> 1 file changed, 15 insertions(+), 13 deletions(-)
>
>diff --git a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>index 96913c5c02b8..5dc893833a46 100644
>--- a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>+++ b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>@@ -68,19 +68,21 @@ FileHandleGetInfo (
>     // error is expected.  getting size to allocate
>
>     //
>
>     FileInfo = AllocateZeroPool(FileInfoSize);
>
>-    //
>
>-    // now get the information
>
>-    //
>
>-    Status = FileHandle->GetInfo(FileHandle,
>
>-                                 &gEfiFileInfoGuid,
>
>-                                 &FileInfoSize,
>
>-                                 FileInfo);
>
>-    //
>
>-    // if we got an error free the memory and return NULL
>
>-    //
>
>-    if (EFI_ERROR(Status) && (FileInfo != NULL)) {
>
>-      FreePool(FileInfo);
>
>-      FileInfo = NULL;
>
>+    if (FileInfo != NULL) {
>
>+      //
>
>+      // now get the information
>
>+      //
>
>+      Status = FileHandle->GetInfo(FileHandle,
>
>+                                   &gEfiFileInfoGuid,
>
>+                                   &FileInfoSize,
>
>+                                   FileInfo);
>
>+      //
>
>+      // if we got an error free the memory and return NULL
>
>+      //
>
>+      if (EFI_ERROR(Status)) {
>
>+        FreePool(FileInfo);
>
>+        FileInfo = NULL;
>
>+      }
>
>     }
>
>   }
>
>   return (FileInfo);
>
>--
>2.23.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49273): https://edk2.groups.io/g/devel/message/49273
Mute This Topic: https://groups.io/mt/35954827/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to