When failure happens in HttpDxeStart, the error handling code releases the memory buffer but it does not uninstall the HTTP service binding protocol. As a result, an application can still locate this protocol and invoke service binding functions in the released memory pool.
Signed-off-by: Nickle Wang <nick...@nvidia.com> Cc: Maciej Rabeda <maciej.rab...@linux.intel.com> Cc: Siyuan Fu <siyuan...@intel.com> Cc: Abner Chang <abner.ch...@amd.com> Cc: Igor Kulchytskyy <ig...@ami.com> Cc: Nick Ramirez <nrami...@nvidia.com> --- NetworkPkg/HttpDxe/HttpDriver.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/NetworkPkg/HttpDxe/HttpDriver.c b/NetworkPkg/HttpDxe/HttpDriver.c index 5d918d3c4d..f6d1263cad 100644 --- a/NetworkPkg/HttpDxe/HttpDriver.c +++ b/NetworkPkg/HttpDxe/HttpDriver.c @@ -3,6 +3,7 @@ Copyright (c) 2015 - 2018, Intel Corporation. All rights reserved.<BR> (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR> + Copyright (c) 2023, NVIDIA CORPORATION & AFFILIATES. All rights reserved. SPDX-License-Identifier: BSD-2-Clause-Patent @@ -464,8 +465,16 @@ ON_ERROR: if (HttpService != NULL) { HttpCleanService (HttpService, UsingIpv6); - if ((HttpService->Tcp4ChildHandle == NULL) && (HttpService->Tcp6ChildHandle == NULL)) { - FreePool (HttpService); + Status = gBS->UninstallMultipleProtocolInterfaces ( + &ControllerHandle, + &gEfiHttpServiceBindingProtocolGuid, + &HttpService->ServiceBinding, + NULL + ); + if (!EFI_ERROR (Status)) { + if ((HttpService->Tcp4ChildHandle == NULL) && (HttpService->Tcp6ChildHandle == NULL)) { + FreePool (HttpService); + } } } -- 2.39.1.windows.1
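
Review bot: In the ON_ERROR hunk, the first argument to gBS->UninstallMultipleProtocolInterfaces is `&ControllerHandle`, but that boot service takes the handle by value (EFI_HANDLE Handle); only InstallMultipleProtocolInterfaces takes a pointer to the handle. Assuming ControllerHandle here is the EFI_HANDLE parameter of the driver binding Start function, the extra `&` still compiles because EFI_HANDLE is VOID *, and the call would then be given the address of the local parameter instead of a handle, so the uninstall would fail, the protocol would stay installed and HttpService would never be freed. Suggest passing `ControllerHandle`. Two further points in the same block. Assigning the result to Status overwrites the error that brought execution to ON_ERROR, so if Status is what the function returns after this block, a successful uninstall would turn the failure into EFI_SUCCESS; a separate local for the uninstall result avoids that. Also, `FreePool (HttpService)` is now skipped whenever the uninstall fails, which includes any path that reaches ON_ERROR before the service binding protocol was installed; that trades the use-after-free for a leak, which is the safer side, but it deserves a comment or a flag recording whether the install happened.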