[edk2-devel] [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check

Gao, Zhichao posted 1 patch 4 years, 9 months ago
Failed in applying to current master (apply log)
MdeModulePkg/Universal/CapsulePei/UefiCapsule.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
[edk2-devel] [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check
Posted by Gao, Zhichao 4 years, 9 months ago
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1935

Before use the memory that is allocated through AllocateZeroPool,
we should check the memory pointer is valid to avoid using the
NULL pointer.
Add check for VariableArrayAddress that is returned from
GetScatterGatherHeadEntries. If it is NULL, directly return
the error status.

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Star Zeng <star.zeng@intel.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
 MdeModulePkg/Universal/CapsulePei/UefiCapsule.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
index 8d4ae69bb2..51afab7b05 100644
--- a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
+++ b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
@@ -965,6 +965,10 @@ GetScatterGatherHeadEntries (
     //
     if ((ValidIndex + 1) >= TempListLength) {
       EnlargedTempList = AllocateZeroPool (TempListLength * 2);
+      if (EnlargedTempList == NULL) {
+        DEBUG ((DEBUG_ERROR, "Fail to allocate memory!\n"));
+        return EFI_OUT_OF_RESOURCES;
+      }
       CopyMem (EnlargedTempList, TempList, TempListLength);
       FreePool (TempList);
       TempList = EnlargedTempList;
@@ -1056,7 +1060,7 @@ CapsuleCoalesce (
   // Get SG list entries
   //
   Status = GetScatterGatherHeadEntries (&ListLength, &VariableArrayAddress);
-  if (EFI_ERROR (Status)) {
+  if (EFI_ERROR (Status) || VariableArrayAddress == NULL) {
     DEBUG ((DEBUG_ERROR, "%a failed to get Scatter Gather List Head Entries.  Status = %r\n", __FUNCTION__, Status));
     goto Done;
   }
-- 
2.21.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#42776): https://edk2.groups.io/g/devel/message/42776
Mute This Topic: https://groups.io/mt/32199972/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check
Posted by Wu, Hao A 4 years, 9 months ago
> -----Original Message-----
> From: Gao, Zhichao
> Sent: Tuesday, June 25, 2019 11:23 AM
> To: devel@edk2.groups.io
> Cc: Wang, Jian J; Wu, Hao A; Ni, Ray; Zeng, Star
> Subject: [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check
> 
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1935
> 
> Before use the memory that is allocated through AllocateZeroPool,
> we should check the memory pointer is valid to avoid using the
> NULL pointer.
> Add check for VariableArrayAddress that is returned from
> GetScatterGatherHeadEntries. If it is NULL, directly return
> the error status.
> 
> Cc: Jian J Wang <jian.j.wang@intel.com>
> Cc: Hao A Wu <hao.a.wu@intel.com>
> Cc: Ray Ni <ray.ni@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> ---
>  MdeModulePkg/Universal/CapsulePei/UefiCapsule.c | 6 +++++-
>  1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> index 8d4ae69bb2..51afab7b05 100644
> --- a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> +++ b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> @@ -965,6 +965,10 @@ GetScatterGatherHeadEntries (
>      //
>      if ((ValidIndex + 1) >= TempListLength) {
>        EnlargedTempList = AllocateZeroPool (TempListLength * 2);
> +      if (EnlargedTempList == NULL) {
> +        DEBUG ((DEBUG_ERROR, "Fail to allocate memory!\n"));
> +        return EFI_OUT_OF_RESOURCES;
> +      }
>        CopyMem (EnlargedTempList, TempList, TempListLength);
>        FreePool (TempList);
>        TempList = EnlargedTempList;
> @@ -1056,7 +1060,7 @@ CapsuleCoalesce (
>    // Get SG list entries
>    //
>    Status = GetScatterGatherHeadEntries (&ListLength,
> &VariableArrayAddress);
> -  if (EFI_ERROR (Status)) {
> +  if (EFI_ERROR (Status) || VariableArrayAddress == NULL) {


Reviewed-by: Hao A Wu <hao.a.wu@intel.com>

Best Regards,
Hao Wu


>      DEBUG ((DEBUG_ERROR, "%a failed to get Scatter Gather List Head Entries.
> Status = %r\n", __FUNCTION__, Status));
>      goto Done;
>    }
> --
> 2.21.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#42779): https://edk2.groups.io/g/devel/message/42779
Mute This Topic: https://groups.io/mt/32199972/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Re: [edk2-devel] [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check
Posted by Wu, Hao A 4 years, 9 months ago
> -----Original Message-----
> From: devel@edk2.groups.io [mailto:devel@edk2.groups.io] On Behalf Of
> Wu, Hao A
> Sent: Tuesday, June 25, 2019 2:54 PM
> To: Gao, Zhichao; devel@edk2.groups.io
> Cc: Wang, Jian J; Ni, Ray; Zeng, Star
> Subject: Re: [edk2-devel] [PATCH] MdeModulePkg/CapsulePei: Add
> memory pointer check
> 
> > -----Original Message-----
> > From: Gao, Zhichao
> > Sent: Tuesday, June 25, 2019 11:23 AM
> > To: devel@edk2.groups.io
> > Cc: Wang, Jian J; Wu, Hao A; Ni, Ray; Zeng, Star
> > Subject: [PATCH] MdeModulePkg/CapsulePei: Add memory pointer check
> >
> > REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1935
> >
> > Before use the memory that is allocated through AllocateZeroPool,
> > we should check the memory pointer is valid to avoid using the
> > NULL pointer.
> > Add check for VariableArrayAddress that is returned from
> > GetScatterGatherHeadEntries. If it is NULL, directly return
> > the error status.
> >
> > Cc: Jian J Wang <jian.j.wang@intel.com>
> > Cc: Hao A Wu <hao.a.wu@intel.com>
> > Cc: Ray Ni <ray.ni@intel.com>
> > Cc: Star Zeng <star.zeng@intel.com>
> > Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
> > ---
> >  MdeModulePkg/Universal/CapsulePei/UefiCapsule.c | 6 +++++-
> >  1 file changed, 5 insertions(+), 1 deletion(-)
> >
> > diff --git a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> > b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> > index 8d4ae69bb2..51afab7b05 100644
> > --- a/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> > +++ b/MdeModulePkg/Universal/CapsulePei/UefiCapsule.c
> > @@ -965,6 +965,10 @@ GetScatterGatherHeadEntries (
> >      //
> >      if ((ValidIndex + 1) >= TempListLength) {
> >        EnlargedTempList = AllocateZeroPool (TempListLength * 2);
> > +      if (EnlargedTempList == NULL) {
> > +        DEBUG ((DEBUG_ERROR, "Fail to allocate memory!\n"));
> > +        return EFI_OUT_OF_RESOURCES;
> > +      }
> >        CopyMem (EnlargedTempList, TempList, TempListLength);
> >        FreePool (TempList);
> >        TempList = EnlargedTempList;
> > @@ -1056,7 +1060,7 @@ CapsuleCoalesce (
> >    // Get SG list entries
> >    //
> >    Status = GetScatterGatherHeadEntries (&ListLength,
> > &VariableArrayAddress);
> > -  if (EFI_ERROR (Status)) {
> > +  if (EFI_ERROR (Status) || VariableArrayAddress == NULL) {
> 
> 
> Reviewed-by: Hao A Wu <hao.a.wu@intel.com>


Pushed via commit 846b1652d9.

Best Regards,
Hao Wu


> 
> Best Regards,
> Hao Wu
> 
> 
> >      DEBUG ((DEBUG_ERROR, "%a failed to get Scatter Gather List Head
> Entries.
> > Status = %r\n", __FUNCTION__, Status));
> >      goto Done;
> >    }
> > --
> > 2.21.0.windows.1
> 
> 
> 


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#42877): https://edk2.groups.io/g/devel/message/42877
Mute This Topic: https://groups.io/mt/32199972/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-