Bret: This fix is correct. I am interest that why the compiler doesn’t detect this issue.
Reviewed-by: Liming Gao <gaolim...@byosoft.com.cn> Thanks Liming 发件人: Bret Barkelew <bret.barke...@microsoft.com> 发送时间: 2021年4月10日 2:34 收件人: devel@edk2.groups.io; b...@corthon.com; Liming Gao <gaolim...@byosoft.com.cn> 抄送: Jian J Wang <jian.j.w...@intel.com>; Hao A Wu <hao.a...@intel.com> 主题: RE: [EXTERNAL] [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Initialize temp variable in VarCheckPolicyLib + <mailto:gaolim...@byosoft.com.cn> @Liming Gao - Bret From: Bret Barkelew via groups.io <mailto:bret=corthon....@groups.io> Sent: Friday, April 9, 2021 11:25 AM To: devel@edk2.groups.io <mailto:devel@edk2.groups.io> Cc: Jian J Wang <mailto:jian.j.w...@intel.com> ; Hao A Wu <mailto:hao.a...@intel.com> Subject: [EXTERNAL] [edk2-devel] [PATCH v1 1/1] MdeModulePkg: Initialize temp variable in VarCheckPolicyLib DumpVariablePolicy() will return EFI_INVALID_PARAMETER if the Buffer pointer is NULL and the indirect Size is anything but 0. Since this TempSize was not being initialized it is very likely that this sequence would not return the total buffer size as expected. Bugzilla: https://nam06.safelinks.protection.outlook.com/?url=https%3A%2F%2Fbugzilla.t ianocore.org%2Fshow_bug.cgi%3Fid%3D3310 <https://nam06.safelinks.protection. outlook.com/?url=https%3A%2F%2Fbugzilla.tianocore.org%2Fshow_bug.cgi%3Fid%3D 3310&data=04%7C01%7CBret.Barkelew%40microsoft.com%7C3d2f574a01a048aed607 08d8fb84dcbb%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637535895350828079 %7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWw iLCJXVCI6Mn0%3D%7C1000&sdata=j6KmN6jcwoGJlunjspLawLJtYqCwGWw18pXNZVMNdC8 %3D&reserved=0> &data=04%7C01%7CBret.Barkelew%40microsoft.com%7C3d2f574a01a048aed60708d8 fb84dcbb%7C72f988bf86f141af91ab2d7cd011db47%7C1%7C0%7C637535895350828079%7CU nknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJ XVCI6Mn0%3D%7C1000&sdata=j6KmN6jcwoGJlunjspLawLJtYqCwGWw18pXNZVMNdC8%3D& amp;reserved=0 Cc: Jian J Wang <jian.j.w...@intel.com <mailto:jian.j.w...@intel.com> > Cc: Hao A Wu <hao.a...@intel.com <mailto:hao.a...@intel.com> > Signed-off-by: Bret Barkelew <bret.barke...@microsoft.com <mailto:bret.barke...@microsoft.com> > --- MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c | 1 + 1 file changed, 1 insertion(+) diff --git a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c index 14e1904e96d3..e50edb4ffc5a 100644 --- a/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c +++ b/MdeModulePkg/Library/VarCheckPolicyLib/VarCheckPolicyLib.c @@ -216,6 +216,7 @@ VarCheckPolicyLibMmiHandler ( DumpParamsOut->TotalSize = 0; DumpParamsOut->PageSize = 0; DumpParamsOut->HasMore = FALSE; + TempSize = 0; SubCommandStatus = DumpVariablePolicy (NULL, &TempSize); if (SubCommandStatus == EFI_BUFFER_TOO_SMALL && TempSize > 0) { mCurrentPaginationCommand = VAR_CHECK_POLICY_COMMAND_DUMP; -- 2.28.0.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#73927): https://edk2.groups.io/g/devel/message/73927 Mute This Topic: https://groups.io/mt/82028626/21656 Group Owner: devel+ow...@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
