[edk2-devel] [PATCH v2 2/6] RedfishClientPkg: fix access to uninitialized variable

Nickle Wang via groups.io nicklew=nvidia.com at groups.io
Wed Aug 30 01:48:23 UTC 2023 

Thanks for fixing this issue, Mike.


Reviewed-by: Nickle Wang <nicklew at nvidia.com>

Regards,
Nickle

> -----Original Message-----
> From: Mike Maslenkin <mike.maslenkin at gmail.com>
> Sent: Tuesday, August 29, 2023 4:01 PM
> To: devel at edk2.groups.io
> Cc: abner.chang at amd.com; Nickle Wang <nicklew at nvidia.com>;
> igork at ami.com; Mike Maslenkin <mike.maslenkin at gmail.com>
> Subject: [PATCH v2 2/6] RedfishClientPkg: fix access to uninitialized variable
> 
> External email: Use caution opening links or attachments
> 
> 
> This patch fixes access to uninitialized variable, causing ASSERT from FreePool at
> least.
> 
> Before this patch RedfishSettingsResponse was initialized by GetResourceByUri
> under 'if (JsonValue != NULL)' condition.
> But freed under 'if (Private->Payload != NULL)' condition.
> Thus uninitialized pointers caused ASSERT on attempt to free memory.
> 
> Signed-off-by: Mike Maslenkin <mike.maslenkin at gmail.com>
> ---
>  RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c
> b/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c
> index e7ac8779581c..f5562fb49cab 100644
> --- a/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c
> +++ b/RedfishClientPkg/Features/Bios/v1_0_9/Dxe/BiosDxe.c
> @@ -128,6 +128,8 @@ RedfishResourceConsumeResource (
>      return Status;
> 
>    }
> 
> 
> 
> +  ZeroMem (&RedfishSettingsResponse, sizeof (REDFISH_RESPONSE));
> 
> +
> 
>    ExpectedResponse   = &Response;
> 
>    RedfishSettingsUri = NULL;
> 
>    JsonValue          = RedfishJsonInPayload (Response.Payload);
> 
> --
> 2.32.0 (Apple Git-132)



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#108106): https://edk2.groups.io/g/devel/message/108106
Mute This Topic: https://groups.io/mt/101027004/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-

More information about the edk2-devel-archive mailing list