ShellPkg/UefiHandleParsingLib: Fix incorrect reallocate pool

[edk2-devel] [PATCH V2] ShellPkg/UefiHandleParsingLib: Fix incorrect reallocate pool
Posted by Gao, Zhichao 4 years, 9 months ago
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1965

For function InsertNewGuidNameMapping, it rellocate the
mGuidList with new size
"mGuidListCount+1 * sizeof(GUID_INFO_BLOCK)". That isn't
its purpose and would cause a overflow operation in
"mGuidList[mGuidListCount - 1].xxx = xxx". Its purpose
is to increase 1 block size of mGuidList. Change it to
"(mGuidListCount + 1) * sizeof (GUID_INFO_BLOCK)".

Adjust the coding style of this function.

Cc: Jaben Carsey <jaben.carsey@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Andrew Fish <afish@apple.com>
Signed-off-by: Zhichao Gao <zhichao.gao@intel.com>
---

V2:
Update the copyright.

 .../UefiHandleParsingLib/UefiHandleParsingLib.c    | 14 +++++++++-----
 1 file changed, 9 insertions(+), 5 deletions(-)

diff --git a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
index f179c41092..43c19b9a91 100644
--- a/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
+++ b/ShellPkg/Library/UefiHandleParsingLib/UefiHandleParsingLib.c
@@ -1,7 +1,7 @@
 /** @file
   Provides interface to advanced shell functionality for parsing both handle and protocol database.
 
-  Copyright (c) 2010 - 2017, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2010 - 2019, Intel Corporation. All rights reserved.<BR>
   (C) Copyright 2013-2015 Hewlett-Packard Development Company, L.P.<BR>
   (C) Copyright 2015-2016 Hewlett Packard Enterprise Development LP<BR>
   SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -2462,17 +2462,21 @@ InsertNewGuidNameMapping(
   IN CONST DUMP_PROTOCOL_INFO DumpFunc OPTIONAL
   )
 {
-  ASSERT(Guid   != NULL);
-  ASSERT(NameID != 0);
+  ASSERT (Guid   != NULL);
+  ASSERT (NameID != 0);
 
-  mGuidList = ReallocatePool(mGuidListCount * sizeof(GUID_INFO_BLOCK), mGuidListCount+1 * sizeof(GUID_INFO_BLOCK), mGuidList);
+  mGuidList = ReallocatePool (
+                mGuidListCount * sizeof (GUID_INFO_BLOCK),
+                (mGuidListCount + 1) * sizeof (GUID_INFO_BLOCK),
+                mGuidList
+                );
   if (mGuidList == NULL) {
     mGuidListCount = 0;
     return (EFI_OUT_OF_RESOURCES);
   }
   mGuidListCount++;
 
-  mGuidList[mGuidListCount - 1].GuidId   = AllocateCopyPool(sizeof(EFI_GUID), Guid);
+  mGuidList[mGuidListCount - 1].GuidId   = AllocateCopyPool (sizeof (EFI_GUID), Guid);
   mGuidList[mGuidListCount - 1].StringId = NameID;
   mGuidList[mGuidListCount - 1].DumpInfo = DumpFunc;
 
-- 
2.21.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#44096): https://edk2.groups.io/g/devel/message/44096
Mute This Topic: https://groups.io/mt/32556056/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-