Push @ 1009b59b6525c16724fe2684c344a6359af28b55 >-----Original Message----- >From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of >Liming Gao >Sent: Monday, October 21, 2019 11:12 AM >To: marvin.haeu...@outlook.com; devel@edk2.groups.io >Cc: vit9...@protonmail.com; Kinney, Michael D <michael.d.kin...@intel.com> >Subject: Re: [edk2-devel] [PATCH] MdePkg/UefiFileHandleLib: Fix potential >NULL dereference > >Reviewed-by: Liming Gao <liming....@intel.com> > >>-----Original Message----- >>From: Marvin Häuser [mailto:marvin.haeu...@outlook.com] >>Sent: Sunday, October 20, 2019 8:09 PM >>To: devel@edk2.groups.io >>Cc: vit9...@protonmail.com; Kinney, Michael D >><michael.d.kin...@intel.com>; Gao, Liming <liming....@intel.com> >>Subject: [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference >> >>From: Marvin Haeuser <mhaeu...@outlook.de> >> >>REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2293 >> >>Move the NULL check in FileHandleGetInfo() to directly after the >>allocation to prevent potential NULL dereferences. >> >>Cc: Michael D Kinney <michael.d.kin...@intel.com> >>Cc: Liming Gao <liming....@intel.com> >>Signed-off-by: Marvin Haeuser <mhaeu...@outlook.de> >>--- >> MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 28 +++++++++++-- >-- >>----- >> 1 file changed, 15 insertions(+), 13 deletions(-) >> >>diff --git a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >>b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >>index 96913c5c02b8..5dc893833a46 100644 >>--- a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >>+++ b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c >>@@ -68,19 +68,21 @@ FileHandleGetInfo ( >> // error is expected. getting size to allocate >> >> // >> >> FileInfo = AllocateZeroPool(FileInfoSize); >> >>- // >> >>- // now get the information >> >>- // >> >>- Status = FileHandle->GetInfo(FileHandle, >> >>- &gEfiFileInfoGuid, >> >>- &FileInfoSize, >> >>- FileInfo); >> >>- // >> >>- // if we got an error free the memory and return NULL >> >>- // >> >>- if (EFI_ERROR(Status) && (FileInfo != NULL)) { >> >>- FreePool(FileInfo); >> >>- FileInfo = NULL; >> >>+ if (FileInfo != NULL) { >> >>+ // >> >>+ // now get the information >> >>+ // >> >>+ Status = FileHandle->GetInfo(FileHandle, >> >>+ &gEfiFileInfoGuid, >> >>+ &FileInfoSize, >> >>+ FileInfo); >> >>+ // >> >>+ // if we got an error free the memory and return NULL >> >>+ // >> >>+ if (EFI_ERROR(Status)) { >> >>+ FreePool(FileInfo); >> >>+ FileInfo = NULL; >> >>+ } >> >> } >> >> } >> >> return (FileInfo); >> >>-- >>2.23.0.windows.1 > > >
-=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#49894): https://edk2.groups.io/g/devel/message/49894 Mute This Topic: https://groups.io/mt/35954827/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
