From 530e8c8d7761f80b23e193605b7c3bcbb52e02f4 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Thu, 8 Jan 2015 10:10:41 +0000 Subject: MdeModulePkg/PartitionDxe: Fix media probe The call in ProbeMediaStatus() to the ReadDisk() function of the EFI_DISK_IO_PROTOCOL interface implemented in DiskIoDxe/DiskIo.c crashed in DiskIo2ReadWriteDisk() because of the NULL value of the destination buffer pointer. Pass the address of a buffer in the stack instead of a NULL pointer. In addition to avoiding the crash, that way, the media probe does not depend anymore on the way the EFI_DISK_IO_PROTOCOL implementation deals with a NULL value of the destination buffer pointer as the UEFI specification does not specify the expected behaviour. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ronald Cron Reviewed-by: Olivier Martin --- MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c index 28639b0..89cc540 100644 --- a/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c +++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c @@ -576,11 +576,15 @@ ProbeMediaStatus ( ) { EFI_STATUS Status; + UINT8 Buffer[1]; // - // Read 1 byte from offset 0 but passing NULL as buffer pointer + // Read 1 byte from offset 0 to check if the MediaId is still valid. + // The reading operation is synchronious thus it is not worth it to + // allocate a buffer from the pool. The destination buffer for the + // data is in the stack. // - Status = DiskIo->ReadDisk (DiskIo, MediaId, 0, 1, NULL); + Status = DiskIo->ReadDisk (DiskIo, MediaId, 0, 1, (VOID*)Buffer); if ((Status == EFI_NO_MEDIA) || (Status == EFI_MEDIA_CHANGED)) { return Status; } -- 2.1.1