Reviewed-by: [email protected] > -----Original Message----- > From: Zeng, Star > Sent: Thursday, May 3, 2018 7:20 PM > To: [email protected] > Cc: Zeng, Star <[email protected]>; Yao, Jiewen <[email protected]> > Subject: [PATCH] MdeModulePkg CapsuleApp: Check Buffer against NULL before > freeing it > > If the capsule from command line is not present, > Buffer will be random value when freeing it in DumpCapsule(), > then ASSERT will happen or other memory pool may be freed. > > Cc: Jiewen Yao <[email protected]> > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Star Zeng <[email protected]> > --- > MdeModulePkg/Application/CapsuleApp/CapsuleDump.c | 7 +++++-- > 1 file changed, 5 insertions(+), 2 deletions(-) > > diff --git a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > index 2bb5f1f02cf4..6c1320942bf4 100644 > --- a/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > +++ b/MdeModulePkg/Application/CapsuleApp/CapsuleDump.c > @@ -1,7 +1,7 @@ > /** @file > Dump Capsule image information. > > - Copyright (c) 2016, Intel Corporation. All rights reserved.<BR> > + Copyright (c) 2016 - 2018, Intel Corporation. All rights reserved.<BR> > This program and the accompanying materials > are licensed and made available under the terms and conditions of the BSD > License > which accompanies this distribution. The full text of the license may be > found at > @@ -242,6 +242,7 @@ DumpCapsule ( > EFI_CAPSULE_HEADER *CapsuleHeader; > EFI_STATUS Status; > > + Buffer = NULL; > Status = ReadFileToBuffer(CapsuleName, &FileSize, &Buffer); > if (EFI_ERROR(Status)) { > Print(L"CapsuleApp: Capsule (%s) is not found.\n", CapsuleName); > @@ -269,7 +270,9 @@ DumpCapsule ( > } > > Done: > - FreePool(Buffer); > + if (Buffer != NULL) { > + FreePool(Buffer); > + } > return Status; > } > > -- > 2.7.0.windows.1
_______________________________________________ edk2-devel mailing list [email protected] https://lists.01.org/mailman/listinfo/edk2-devel
