From patchwork Thu Sep 25 01:42:19 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Roy Franz X-Patchwork-Id: 37878 Return-Path: X-Original-To: linaro@patches.linaro.org Delivered-To: linaro@patches.linaro.org Received: from mail-ee0-f70.google.com (mail-ee0-f70.google.com [74.125.83.70]) by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id C5C5520063 for ; Thu, 25 Sep 2014 01:44:47 +0000 (UTC) Received: by mail-ee0-f70.google.com with SMTP id b57sf4469933eek.1 for ; Wed, 24 Sep 2014 18:44:46 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:delivered-to:from:to:date:message-id:in-reply-to :references:cc:subject:precedence:list-id:list-unsubscribe:list-post :list-help:list-subscribe:mime-version:sender:errors-to :x-original-sender:x-original-authentication-results:mailing-list :list-archive:content-type:content-transfer-encoding; bh=S6swKqv1JQBlZcOVmL6MlBEcnDH4KNiokroxeyMNhuM=; b=gyeHZnVUknR8+wV5Q0HRq27sMk4DaF2eOrAW9jw/0j58N5Z6OREz48lIc7DvgWh3gW RJKI7xc+q5HwnajGI85P8Kz/XSn0KsMlwrcuZFVSSLShG7luLXWf2UeyDA7hVIWTYqLO iPF2Xyb3/NHSkBf3dzMrYjpMyr8ENrpBTETwzN0BMw+6sxBZhEmoiFl7caRvHfSgP47n 2NqcschX+C/Lo5BzIOZEC7owXyU8DYnjKKjwoo5JLkpAYGyguSuBQqJD0TxeAnlKZwCz TaOmGTbxETV3YmCrNSWt/mXOAghzbp1AmUA/2EW6KrfuNGYwXZ9R1In9lePoBQBuJy8P cEkg== X-Gm-Message-State: ALoCoQkZAaHExgWCM353DQavBA1IrvU3nR6vUu4X7ib8N3vR2qpT8IXBlRLrVRgZIxlqLYsa1vxU X-Received: by 10.180.160.169 with SMTP id xl9mr4601186wib.7.1411609486644; Wed, 24 Sep 2014 18:44:46 -0700 (PDT) X-BeenThere: patchwork-forward@linaro.org Received: by 10.152.5.97 with SMTP id r1ls213030lar.84.gmail; Wed, 24 Sep 2014 18:44:46 -0700 (PDT) X-Received: by 10.152.37.169 with SMTP id z9mr9919850laj.66.1411609486298; Wed, 24 Sep 2014 18:44:46 -0700 (PDT) Received: from mail-lb0-f174.google.com (mail-lb0-f174.google.com [209.85.217.174]) by mx.google.com with ESMTPS id c14si877804lbq.121.2014.09.24.18.44.46 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 24 Sep 2014 18:44:46 -0700 (PDT) Received-SPF: pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.174 as permitted sender) client-ip=209.85.217.174; Received: by mail-lb0-f174.google.com with SMTP id l4so11873639lbv.33 for ; Wed, 24 Sep 2014 18:44:46 -0700 (PDT) X-Received: by 10.112.130.168 with SMTP id of8mr9583249lbb.5.1411609486235; Wed, 24 Sep 2014 18:44:46 -0700 (PDT) X-Forwarded-To: patchwork-forward@linaro.org X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org Delivered-To: patch@linaro.org Received: by 10.112.130.169 with SMTP id of9csp678221lbb; Wed, 24 Sep 2014 18:44:45 -0700 (PDT) X-Received: by 10.140.16.194 with SMTP id 60mr6210420qgb.105.1411609485077; Wed, 24 Sep 2014 18:44:45 -0700 (PDT) Received: from lists.xen.org (lists.xen.org. [50.57.142.19]) by mx.google.com with ESMTPS id v37si939394qge.118.2014.09.24.18.44.44 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 24 Sep 2014 18:44:45 -0700 (PDT) Received-SPF: none (google.com: xen-devel-bounces@lists.xen.org does not designate permitted sender hosts) client-ip=50.57.142.19; Received: from localhost ([127.0.0.1] helo=lists.xen.org) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XWy51-0000uO-08; Thu, 25 Sep 2014 01:42:47 +0000 Received: from mail6.bemta5.messagelabs.com ([195.245.231.135]) by lists.xen.org with esmtp (Exim 4.72) (envelope-from ) id 1XWy4z-0000u5-5A for xen-devel@lists.xen.org; Thu, 25 Sep 2014 01:42:45 +0000 Received: from [85.158.139.211:16007] by server-2.bemta-5.messagelabs.com id BA/E2-31832-41373245; Thu, 25 Sep 2014 01:42:44 +0000 X-Env-Sender: roy.franz@linaro.org X-Msg-Ref: server-3.tower-206.messagelabs.com!1411609362!4302279!1 X-Originating-IP: [209.85.223.175] X-SpamReason: No, hits=0.0 required=7.0 tests= X-StarScan-Received: X-StarScan-Version: 6.12.2; banners=-,-,- X-VirusChecked: Checked Received: (qmail 30958 invoked from network); 25 Sep 2014 01:42:43 -0000 Received: from mail-ie0-f175.google.com (HELO mail-ie0-f175.google.com) (209.85.223.175) by server-3.tower-206.messagelabs.com with RC4-SHA encrypted SMTP; 25 Sep 2014 01:42:43 -0000 Received: by mail-ie0-f175.google.com with SMTP id rl12so6513784iec.34 for ; Wed, 24 Sep 2014 18:42:42 -0700 (PDT) X-Received: by 10.50.51.2 with SMTP id g2mr651059igo.7.1411609362246; Wed, 24 Sep 2014 18:42:42 -0700 (PDT) Received: from rfranz-v430.caveonetworks.com (64.2.3.195.ptr.us.xo.net. [64.2.3.195]) by mx.google.com with ESMTPSA id x9sm5829238igl.10.2014.09.24.18.42.40 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Sep 2014 18:42:41 -0700 (PDT) From: Roy Franz To: xen-devel@lists.xen.org, ian.campbell@citrix.com, stefano.stabellini@citrix.com, tim@xen.org, jbeulich@suse.com, keir@xen.org Date: Wed, 24 Sep 2014 18:42:19 -0700 Message-Id: <1411609352-24549-2-git-send-email-roy.franz@linaro.org> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1411609352-24549-1-git-send-email-roy.franz@linaro.org> References: <1411609352-24549-1-git-send-email-roy.franz@linaro.org> Cc: Roy Franz , fu.wei@linaro.org Subject: [Xen-devel] [PATCH for-4.5 V7 01/14] x86/EFI: fix freeing of uninitialized pointer X-BeenThere: xen-devel@lists.xen.org X-Mailman-Version: 2.1.13 Precedence: list List-Id: List-Unsubscribe: , List-Post: , List-Help: , List-Subscribe: , MIME-Version: 1.0 Sender: xen-devel-bounces@lists.xen.org Errors-To: xen-devel-bounces@lists.xen.org X-Removed-Original-Auth: Dkim didn't pass. X-Original-Sender: roy.franz@linaro.org X-Original-Authentication-Results: mx.google.com; spf=pass (google.com: domain of patch+caf_=patchwork-forward=linaro.org@linaro.org designates 209.85.217.174 as permitted sender) smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org Mailing-list: list patchwork-forward@linaro.org; contact patchwork-forward+owners@linaro.org X-Google-Group-Id: 836684582541 List-Archive: The only valid response from the LocateHandle() call is EFI_BUFFER_TOO_SMALL, so exit if we get anything else. We pass a 0 size/NULL pointer buffer, so the only other returns we will get is an error. Return right away as there is nothing to do. Also return if there is an error allocating the buffer, as the previous code path also allowed for an undefined pointer to be freed. Signed-off-by: Roy Franz Re-structure the change. Signed-off-by: Jan Beulich --- xen/arch/x86/efi/boot.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/xen/arch/x86/efi/boot.c b/xen/arch/x86/efi/boot.c index 3bdc158..6f34592 100644 --- a/xen/arch/x86/efi/boot.c +++ b/xen/arch/x86/efi/boot.c @@ -595,11 +595,12 @@ static void __init setup_efi_pci(void) struct efi_pci_rom *last = NULL; status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, NULL); - if ( status == EFI_BUFFER_TOO_SMALL ) - status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles); - if ( !EFI_ERROR(status) ) - status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, - handles); + if ( status != EFI_BUFFER_TOO_SMALL ) + return; + status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles); + if ( EFI_ERROR(status) ) + return; + status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, handles); if ( EFI_ERROR(status) ) size = 0;