svn commit: r312374 - head/sys/boot/efi/libefi

Wed, 18 Jan 2017 00:19:25 -0800 

Author: tsoome
Date: Wed Jan 18 08:18:07 2017
New Revision: 312374
URL: https://svnweb.freebsd.org/changeset/base/312374

Log:
  loader: efi devpath api usage should be more aware of NULL pointers
  
  As the efi_devpath_last_node() and efi_devpath_trim() can return NULL
  pointers, the consumers of this API should check the the NULL pointers.
  
  Same for efinet_dev_init() using calloc().
  
  Reported by:  Robert Mustacchi <r...@joyent.com>
  Reviewed by:  jhb, allanjude
  Approved by:  allanjude (mentor)
  Differential Revision:        https://reviews.freebsd.org/D9203

Modified:
  head/sys/boot/efi/libefi/devpath.c
  head/sys/boot/efi/libefi/efinet.c
  head/sys/boot/efi/libefi/efipart.c

Modified: head/sys/boot/efi/libefi/devpath.c
==============================================================================
--- head/sys/boot/efi/libefi/devpath.c  Wed Jan 18 08:11:18 2017        
(r312373)
+++ head/sys/boot/efi/libefi/devpath.c  Wed Jan 18 08:18:07 2017        
(r312374)
@@ -106,15 +106,18 @@ efi_devpath_trim(EFI_DEVICE_PATH *devpat
        EFI_DEVICE_PATH *node, *copy;
        size_t prefix, len;
 
-       node = efi_devpath_last_node(devpath);
+       if ((node = efi_devpath_last_node(devpath)) == NULL)
+               return (NULL);
        prefix = (UINT8 *)node - (UINT8 *)devpath;
        if (prefix == 0)
                return (NULL);
        len = prefix + DevicePathNodeLength(NextDevicePathNode(node));
        copy = malloc(len);
-       memcpy(copy, devpath, prefix);
-       node = (EFI_DEVICE_PATH *)((UINT8 *)copy + prefix);
-       SetDevicePathEndNode(node);
+       if (copy != NULL) {
+               memcpy(copy, devpath, prefix);
+               node = (EFI_DEVICE_PATH *)((UINT8 *)copy + prefix);
+               SetDevicePathEndNode(node);
+       }
        return (copy);
 }
 

Modified: head/sys/boot/efi/libefi/efinet.c
==============================================================================
--- head/sys/boot/efi/libefi/efinet.c   Wed Jan 18 08:11:18 2017        
(r312373)
+++ head/sys/boot/efi/libefi/efinet.c   Wed Jan 18 08:18:07 2017        
(r312374)
@@ -291,12 +291,18 @@ efinet_dev_init()
        if (EFI_ERROR(status))
                return (efi_status_to_errno(status));
        handles2 = (EFI_HANDLE *)malloc(sz);
+       if (handles2 == NULL) {
+               free(handles);
+               return (ENOMEM);
+       }
        nifs = 0;
        for (i = 0; i < sz / sizeof(EFI_HANDLE); i++) {
                devpath = efi_lookup_devpath(handles[i]);
                if (devpath == NULL)
                        continue;
-               node = efi_devpath_last_node(devpath);
+               if ((node = efi_devpath_last_node(devpath)) == NULL)
+                       continue;
+
                if (DevicePathType(node) != MESSAGING_DEVICE_PATH ||
                    DevicePathSubType(node) != MSG_MAC_ADDR_DP)
                        continue;
@@ -318,20 +324,24 @@ efinet_dev_init()
        }
        free(handles);
        if (nifs == 0) {
-               free(handles2);
-               return (ENOENT);
+               err = ENOENT;
+               goto done;
        }
 
        err = efi_register_handles(&efinet_dev, handles2, NULL, nifs);
-       if (err != 0) {
-               free(handles2);
-               return (err);
-       }
+       if (err != 0)
+               goto done;
 
-       efinetif.netif_nifs = nifs;
        efinetif.netif_ifs = calloc(nifs, sizeof(struct netif_dif));
-
        stats = calloc(nifs, sizeof(struct netif_stats));
+       if (efinetif.netif_ifs == NULL || stats == NULL) {
+               free(efinetif.netif_ifs);
+               free(stats);
+               efinetif.netif_ifs = NULL;
+               err = ENOMEM;
+               goto done;
+       }
+       efinetif.netif_nifs = nifs;
 
        for (i = 0; i < nifs; i++) {
 
@@ -341,9 +351,9 @@ efinet_dev_init()
                dif->dif_stats = &stats[i];
                dif->dif_private = handles2[i];
        }
+done:
        free(handles2);
-
-       return (0);
+       return (err);
 }
 
 static int

Modified: head/sys/boot/efi/libefi/efipart.c
==============================================================================
--- head/sys/boot/efi/libefi/efipart.c  Wed Jan 18 08:11:18 2017        
(r312373)
+++ head/sys/boot/efi/libefi/efipart.c  Wed Jan 18 08:18:07 2017        
(r312374)
@@ -130,10 +130,13 @@ efipart_init(void) 
                 * we try to find the parent device and add that instead as
                 * that will be the CD filesystem.
                 */
-               node = efi_devpath_last_node(devpath);
+               if ((node = efi_devpath_last_node(devpath)) == NULL)
+                       continue;
                if (DevicePathType(node) == MEDIA_DEVICE_PATH &&
                    DevicePathSubType(node) == MEDIA_CDROM_DP) {
                        devpathcpy = efi_devpath_trim(devpath);
+                       if (devpathcpy == NULL)
+                               continue;
                        tmpdevpath = devpathcpy;
                        status = BS->LocateDevicePath(&blkio_guid, &tmpdevpath,
                            &handle);
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

Reply via email to