From patchwork Wed Sep 24 05:03:11 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roy Franz X-Patchwork-Id: 37780 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-lb0-f199.google.com (mail-lb0-f199.google.com [209.85.217.199]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id 5E9CC20792 for ; Wed, 24 Sep 2014 05:05:06 +0000 (UTC) Received: by mail-lb0-f199.google.com with SMTP id z12sf2640352lbi.10 for ; Tue, 23 Sep 2014 22:05:05 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:cc:subject:precedence:list-id:list-unsubscribe:list-post :list-help:list-subscribe:mime-version:sender:errors-to :x-original-sender:x-original-authentication-results:mailing-list :list-archive:content-type:content-transfer-encoding; bh=o6DKYM25B9XpazpFWXj466fyV53h8G3BcugimhDz75Y=; b=aIf+hmEGMQ9NxKn4ewERFW96bzNc8VXLPn8zq1CYR+3bXRc2RojsSsjcjeBxVHnlXf 4KrKqli+LVST+5KSL7WQaR4kWdqKs+Cks2rMD30/4NL609D+ZuHCtztkc2Dwq2Ksq0Tv k47uWCsGqzYXW0bRGS4+gbcODHfY3eRwC0llT1WJV7RuLv7zGBfwhqyWmqtBh8sjwCjo BDl8ppMI0kc5SEEPmu4nAP/6RPFcp7CL2+h0lcplnblBRvgPeYzH2nE08PfGHbV9ysK/ Y+bi7zW54Q+bEvopXfdiwqi3stcqkOn0pn7dqxNHrgX232Rktwk10af5TNf6TKcstph+ UL7g== X-Gm-Message-State: ALoCoQkKo6RfCCgJ2gFUKRzM4ECm4Is1Hkr94T2mtxjE6k26y5vzaoK3qtHYbXCYCBhmQY1tgfNI X-Received: by 10.112.76.229 with SMTP id n5mr624027lbw.8.1411535105247; Tue, 23 Sep 2014 22:05:05 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.19.131 with SMTP id f3ls105427lae.38.gmail; Tue, 23 Sep 2014 22:05:05 -0700 (PDT) X-Received: by 10.152.10.203 with SMTP id k11mr4040807lab.30.1411535105114; Tue, 23 Sep 2014 22:05:05 -0700 (PDT) Received: from mail-lb0-f170.google.com (mail-lb0-f170.google.com [209.85.217.170]) by mx.google.com with ESMTPS id lj3si21248067lab.102.2014.09.23.22.05.05 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 23 Sep 2014 22:05:05 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.170 as permitted sender) client-ip=209.85.217.170; Received: by mail-lb0-f170.google.com with SMTP id z11so4623777lbi.15 for ; Tue, 23 Sep 2014 22:05:04 -0700 (PDT) X-Received: by 10.112.76.6 with SMTP id g6mr3810839lbw.22.1411535104955; Tue, 23 Sep 2014 22:05:04 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.130.169 with SMTP id of9csp526208lbb; Tue, 23 Sep 2014 22:05:04 -0700 (PDT) X-Received: by 10.52.178.98 with SMTP id cx2mr3305536vdc.62.1411535103629; Tue, 23 Sep 2014 22:05:03 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id wv12si5287726vcb.21.2014.09.23.22.05.03 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Tue, 23 Sep 2014 22:05:03 -0700 (PDT) Received-SPF: none (google.com: xen-devel-bounces@lists.xen.org does not designate permitted sender hosts) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XWek0-0006PO-05; Wed, 24 Sep 2014 05:03:48 +0000 Received: from mail6.bemta14.messagelabs.com ([193.109.254.103]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XWejy-0006NY-Lh for xen-devel@lists.xen.org; Wed, 24 Sep 2014 05:03:46 +0000 Received: from [193.109.254.147:56011] by server-16.bemta-14.messagelabs.com id 04/04-16990-2B052245; Wed, 24 Sep 2014 05:03:46 +0000 X-Env-Sender: roy.franz@linaro.org X-Msg-Ref: server-10.tower-27.messagelabs.com!1411535024!12630518!1 X-Originating-IP: [209.85.223.172] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.12.2; banners=-,-,- X-VirusChecked: Checked Received: (qmail 18526 invoked from network); 24 Sep 2014 05:03:45 -0000 Received: from mail-ie0-f172.google.com (HELO mail-ie0-f172.google.com) (209.85.223.172) by server-10.tower-27.messagelabs.com with RC4-SHA encrypted SMTP; 24 Sep 2014 05:03:45 -0000 Received: by mail-ie0-f172.google.com with SMTP id rp18so8899929iec.17 for ; Tue, 23 Sep 2014 22:03:43 -0700 (PDT) X-Received: by 10.50.87.99 with SMTP id w3mr9715024igz.4.1411535023871; Tue, 23 Sep 2014 22:03:43 -0700 (PDT) Received: from rfranz-v430.caveonetworks.com (64.2.3.195.ptr.us.xo.net. [64.2.3.195]) by mx.google.com with ESMTPSA id ig9sm3477662igb.13.2014.09.23.22.03.42 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 23 Sep 2014 22:03:43 -0700 (PDT) From: Roy Franz To: xen-devel@lists.xen.org, ian.campbell@citrix.com, stefano.stabellini@citrix.com, tim@xen.org, jbeulich@suse.com, keir@xen.org Date: Tue, 23 Sep 2014 22:03:11 -0700 Message-Id: <1411534992-27443-14-git-send-email-roy.franz@linaro.org> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1411534992-27443-1-git-send-email-roy.franz@linaro.org> References: <1411534992-27443-1-git-send-email-roy.franz@linaro.org> Cc: Roy Franz , fu.wei@linaro.org Subject: [Xen-devel] [PATCH for-4.5 V6 13/14] Fix freeing of uninitialized pointer X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: roy.franz@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.170 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: The only valid response from the LocateHandle() call is EFI_BUFFER_TOO_SMALL, so exit if we get anything else. We pass a 0 size/NULL pointer buffer, so the only other returns we will get is an error. Return right away as there is nothing to do. Also return if there is an error allocating the buffer, as the previous code path also allowed for an undefined pointer to be freed. Signed-off-by: Roy Franz --- xen/common/efi/boot.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/xen/common/efi/boot.c b/xen/common/efi/boot.c index d5c9355..54db5c9 100644 --- a/xen/common/efi/boot.c +++ b/xen/common/efi/boot.c @@ -582,9 +582,15 @@ static void __init setup_efi_pci(void) status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, NULL); if ( status == EFI_BUFFER_TOO_SMALL ) status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles); + else + return; + if ( !EFI_ERROR(status) ) status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, handles); + else + return; + if ( EFI_ERROR(status) ) size = 0;