.../UefiHandleParsingLib/UefiHandleParsingLib.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1965
For function InsertNewGuidNameMapping, it rellocate the
mGuidList with new size
"mGuidListCount+1 * sizeof(GUID_INFO_BLOCK)". That isn't
its purpose and would cause a overflow operation in
"mGuidList[mGuidListCount - 1].xxx = xxx". Its purpose
is to increase 1 block size of mGuidList. Change it to
"(mGuidListCount + 1) * sizeof (GUID_INFO_BLOCK)".
Adjust the coding style of this function.
Cc: Jaben Carsey <jaben.carsey@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Andrew Fish <afish@apple.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---
V2:
Update the copyright.
.../UefiHandleParsingLib/UefiHandleParsingLib.c | 14 +++++++++-----
1 file changed, 9 insertions(+), 5 deletions(-)
diff --git a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
index f179c41092..43c19b9a91 100644
--- a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
+++ b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
@@ -1,7 +1,7 @@
/** @file
Provides interface to advanced shell functionality for parsing both handle and protocol database.
- Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2013-2015 Hewlett-Packard Development Company, L.P.<BR>
(C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -2462,17 +2462,21 @@ InsertNewGuidNameMapping(
IN CONST DUMP_PROTOCOL_INFO DumpFunc OPTIONAL
)
{
- ASSERT(Guid != NULL);
- ASSERT(NameID != 0);
+ ASSERT (Guid != NULL);
+ ASSERT (NameID != 0);
- mGuidList = ReallocatePool(mGuidListCount * sizeof(GUID_INFO_BLOCK), mGuidListCount+1 * sizeof(GUID_INFO_BLOCK), mGuidList);
+ mGuidList = ReallocatePool (
+ mGuidListCount * sizeof (GUID_INFO_BLOCK),
+ (mGuidListCount + 1) * sizeof (GUID_INFO_BLOCK),
+ mGuidList
+ );
if (mGuidList == NULL) {
mGuidListCount = 0;
return (EFI_OUT_OF_RESOURCES);
}
mGuidListCount++;
- mGuidList[mGuidListCount - 1].GuidId = AllocateCopyPool(sizeof(EFI_GUID), Guid);
+ mGuidList[mGuidListCount - 1].GuidId = AllocateCopyPool (sizeof (EFI_GUID), Guid);
mGuidList[mGuidListCount - 1].StringId = NameID;
mGuidList[mGuidListCount - 1].DumpInfo = DumpFunc;
--
2.21.0.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#44096): https://edk2.groups.io/g/devel/message/44096
Mute This Topic: https://groups.io/mt/32556056/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
© 2016 - 2024 Red Hat, Inc.