Re: [edk2] [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL dereference.

Thu, 17 May 2018 01:05:13 -0700 

Reviewed-by: Ruiyu Ni <ruiyu...@intel.com>

Thanks/Ray

> -----Original Message-----
> From: edk2-devel <edk2-devel-boun...@lists.01.org> On Behalf Of Marvin
> Häuser
> Sent: Sunday, May 6, 2018 4:22 AM
> To: edk2-devel@lists.01.org
> Cc: Kinney, Michael D <michael.d.kin...@intel.com>; Gao, Liming
> <liming....@intel.com>
> Subject: [edk2] [PATCH] MdePkg/UefiFileHandleLib: Fix potential NULL
> dereference.
> 
> Move the NULL-check in FileHandleGetInfo() to directly after the
> allocation to prevent potential NULL dereferences.
> 
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Marvin Haeuser <marvin.haeu...@outlook.com>
> ---
>  MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c | 30 +++++++++++---
> ------
>  1 file changed, 16 insertions(+), 14 deletions(-)
> 
> diff --git a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
> b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
> index 57aad77bc135..bcf3a328b82d 100644
> --- a/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
> +++ b/MdePkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
> @@ -1,7 +1,7 @@
>  /** @file
>    Provides interface to EFI_FILE_HANDLE functionality.
> 
> -  Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved. <BR>
> +  Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved. <BR>
>    This program and the accompanying materials
>    are licensed and made available under the terms and conditions of the BSD
> License
>    which accompanies this distribution.  The full text of the license may be
> found at
> @@ -74,19 +74,21 @@ FileHandleGetInfo (
>      // error is expected.  getting size to allocate
>      //
>      FileInfo = AllocateZeroPool(FileInfoSize);
> -    //
> -    // now get the information
> -    //
> -    Status = FileHandle->GetInfo(FileHandle,
> -                                 &gEfiFileInfoGuid,
> -                                 &FileInfoSize,
> -                                 FileInfo);
> -    //
> -    // if we got an error free the memory and return NULL
> -    //
> -    if (EFI_ERROR(Status) && (FileInfo != NULL)) {
> -      FreePool(FileInfo);
> -      FileInfo = NULL;
> +    if (FileInfo != NULL) {
> +      //
> +      // now get the information
> +      //
> +      Status = FileHandle->GetInfo(FileHandle,
> +                                   &gEfiFileInfoGuid,
> +                                   &FileInfoSize,
> +                                   FileInfo);
> +      //
> +      // if we got an error free the memory and return NULL
> +      //
> +      if (EFI_ERROR(Status)) {
> +        FreePool(FileInfo);
> +        FileInfo = NULL;
> +      }
>      }
>    }
>    return (FileInfo);
> --
> 2.17.0.windows.1
> 
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel

Reply via email to