1. Patchew
  2. EDK2
  3. View series

[edk2-devel] [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference

Marvin Häuser posted 1 patch 4 years, 6 months ago
Failed in applying to current master (apply log)
MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 28 +++++++++++---------
1 file changed, 15 insertions(+), 13 deletions(-)
[edk2-devel] [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference
Posted by Marvin Häuser 4 years, 6 months ago 
From: Marvin Haeuser <mhaeuser@outlook.de>

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2293

Move the NULL check in FileHandleGetInfo() to directly after the
allocation to prevent potential NULL dereferences.

Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
---
 MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 28 +++++++++++---------
 1 file changed, 15 insertions(+), 13 deletions(-)

diff --git a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
index 96913c5c02b8..5dc893833a46 100644
--- a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
+++ b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
@@ -68,19 +68,21 @@ FileHandleGetInfo (
     // error is expected.  getting size to allocate

     //

     FileInfo = AllocateZeroPool(FileInfoSize);

-    //

-    // now get the information

-    //

-    Status = FileHandle->GetInfo(FileHandle,

-                                 &gEfiFileInfoGuid,

-                                 &FileInfoSize,

-                                 FileInfo);

-    //

-    // if we got an error free the memory and return NULL

-    //

-    if (EFI_ERROR(Status) && (FileInfo != NULL)) {

-      FreePool(FileInfo);

-      FileInfo = NULL;

+    if (FileInfo != NULL) {

+      //

+      // now get the information

+      //

+      Status = FileHandle->GetInfo(FileHandle,

+                                   &gEfiFileInfoGuid,

+                                   &FileInfoSize,

+                                   FileInfo);

+      //

+      // if we got an error free the memory and return NULL

+      //

+      if (EFI_ERROR(Status)) {

+        FreePool(FileInfo);

+        FileInfo = NULL;

+      }

     }

   }

   return (FileInfo);

-- 
2.23.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49256): https://edk2.groups.io/g/devel/message/49256
Mute This Topic: https://groups.io/mt/35954827/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-
Re: [edk2-devel] [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference
Posted by Liming Gao 4 years, 6 months ago 
Reviewed-by: Liming Gao <liming.gao@intel.com>

>-----Original Message-----
>From: Marvin Häuser [mailto:Marvin.Haeuser@outlook.com]
>Sent: Sunday, October 20, 2019 8:09 PM
>To: devel@edk2.groups.io
>Cc: vit9696@protonmail.com; Kinney, Michael D
><michael.d.kinney@intel.com>; Gao, Liming <liming.gao@intel.com>
>Subject: [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference
>
>From: Marvin Haeuser <mhaeuser@outlook.de>
>
>REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2293
>
>Move the NULL check in FileHandleGetInfo() to directly after the
>allocation to prevent potential NULL dereferences.
>
>Cc: Michael D Kinney <michael.d.kinney@intel.com>
>Cc: Liming Gao <liming.gao@intel.com>
>Signed-off-by: Marvin Haeuser <mhaeuser@outlook.de>
>---
> MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 28 +++++++++++----
>-----
> 1 file changed, 15 insertions(+), 13 deletions(-)
>
>diff --git a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>index 96913c5c02b8..5dc893833a46 100644
>--- a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>+++ b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
>@@ -68,19 +68,21 @@ FileHandleGetInfo (
>     // error is expected.  getting size to allocate
>
>     //
>
>     FileInfo = AllocateZeroPool(FileInfoSize);
>
>-    //
>
>-    // now get the information
>
>-    //
>
>-    Status = FileHandle->GetInfo(FileHandle,
>
>-                                 &gEfiFileInfoGuid,
>
>-                                 &FileInfoSize,
>
>-                                 FileInfo);
>
>-    //
>
>-    // if we got an error free the memory and return NULL
>
>-    //
>
>-    if (EFI_ERROR(Status) && (FileInfo != NULL)) {
>
>-      FreePool(FileInfo);
>
>-      FileInfo = NULL;
>
>+    if (FileInfo != NULL) {
>
>+      //
>
>+      // now get the information
>
>+      //
>
>+      Status = FileHandle->GetInfo(FileHandle,
>
>+                                   &gEfiFileInfoGuid,
>
>+                                   &FileInfoSize,
>
>+                                   FileInfo);
>
>+      //
>
>+      // if we got an error free the memory and return NULL
>
>+      //
>
>+      if (EFI_ERROR(Status)) {
>
>+        FreePool(FileInfo);
>
>+        FileInfo = NULL;
>
>+      }
>
>     }
>
>   }
>
>   return (FileInfo);
>
>--
>2.23.0.windows.1


-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.

View/Reply Online (#49273): https://edk2.groups.io/g/devel/message/49273
Mute This Topic: https://groups.io/mt/35954827/1787277
Group Owner: devel+owner@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub  [importer@patchew.org]
-=-=-=-=-=-=-=-=-=-=-=-

Patchew 2.1-devel-0870f84

© 2016 - 2024 Red Hat, Inc.