From: Roy Franz <roy.franz@linaro.org>
To: Jan Beulich <JBeulich@suse.com>
Cc: keir <keir@xen.org>, Ian Campbell <ian.campbell@citrix.com>,
tim <tim@xen.org>, xen-devel <xen-devel@lists.xen.org>,
Stefano Stabellini <stefano.stabellini@citrix.com>,
Fu Wei <fu.wei@linaro.org>
Subject: Re: [PATCH for-4.5 V6 13/14] Fix freeing of uninitialized pointer
Date: Wed, 24 Sep 2014 12:22:29 -0700
Message-ID: <CAFECyb9ZMhdBTFkdVwncq-5Vgh6FPnemWgT+011HXMZXafKC6w@mail.gmail.com>
In-Reply-To: <5422A606020000780003819D@mail.emea.novell.com>
On Wed, Sep 24, 2014 at 2:07 AM, Jan Beulich <JBeulich@suse.com> wrote:
>>>> On 24.09.14 at 07:03, <roy.franz@linaro.org> wrote:
>> The only valid response from the LocateHandle() call is EFI_BUFFER_TOO_SMALL,
>> so exit if we get anything else. We pass a 0 size/NULL pointer buffer, so the
>> only other returns we will get is an error. Return right away as there is
>> nothing to do. Also return if there is an error allocating the buffer, as the
>> previous code path also allowed for an undefined pointer to be freed.
>>
>> Signed-off-by: Roy Franz <roy.franz@linaro.org>
>
> Thanks, but I restructured the patch (see below). Additionally such
> bug fixes would better be placed at the start of a series to ease
> backporting.
>
> Jan
>
> x86/EFI: fix freeing of uninitialized pointer
>
> The only valid response from the LocateHandle() call is EFI_BUFFER_TOO_SMALL,
> so exit if we get anything else. We pass a 0 size/NULL pointer buffer, so the
> only other returns we will get is an error. Return right away as there is
> nothing to do. Also return if there is an error allocating the buffer, as the
> previous code path also allowed for an undefined pointer to be freed.
>
> Signed-off-by: Roy Franz <roy.franz@linaro.org>
>
> Re-structure the change.
>
> Signed-off-by: Jan Beulich <jbeulich@suse.com>
>
> --- a/xen/arch/x86/efi/boot.c
> +++ b/xen/arch/x86/efi/boot.c
> @@ -595,11 +595,12 @@ static void __init setup_efi_pci(void)
> struct efi_pci_rom *last = NULL;
>
> status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, NULL);
> - if ( status == EFI_BUFFER_TOO_SMALL )
> - status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles);
> - if ( !EFI_ERROR(status) )
> - status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size,
> - handles);
> + if ( status != EFI_BUFFER_TOO_SMALL )
> + return;
> + status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles);
> + if ( EFI_ERROR(status) )
> + return;
> + status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, handles);
> if ( EFI_ERROR(status) )
> size = 0;
>
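Review bot: The third failure case, the second LocateHandle() call, is handled differently from the two new early returns: `if ( EFI_ERROR(status) ) size = 0;` falls through with `handles` already allocated by AllocatePool(), so whether that buffer is released depends on code below this hunk still being reached with size forced to 0. If the fall-through is deliberate so that the later free runs, a one-line comment at that check would make the asymmetry clear to anyone backporting the fix. Separately, consider initialising `handles` at its declaration (outside the visible context), so that a future reordering of these checks fails deterministically instead of passing an undefined pointer to the free.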
>
>
>
OK, I'll use your version, and move it to the start of the patch series.
Roy