From 248fce0329c1bfdfa9486e357e40a911361003bd Mon Sep 17 00:00:00 2001 From: Hao Wu Date: Tue, 11 Oct 2016 10:22:13 +0800 Subject: [PATCH] BaseTools/GenSec: Avoid possible NULL pointer dereference Cc: Liming Gao Cc: Yonghong Zhu Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu Reviewed-by: Liming Gao --- BaseTools/Source/C/GenSec/GenSec.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) diff --git a/BaseTools/Source/C/GenSec/GenSec.c b/BaseTools/Source/C/GenSec/GenSec.c index d2bf102bb9..0129e4eb3f 100644 --- a/BaseTools/Source/C/GenSec/GenSec.c +++ b/BaseTools/Source/C/GenSec/GenSec.c @@ -1,7 +1,7 @@ /** @file Creates output file that is a properly formed section per the PI spec. -Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -667,6 +667,10 @@ Returns: return Status; } + if (FileBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + CompressFunction = NULL; // @@ -731,6 +735,10 @@ Returns: return Status; } + + if (FileBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } } DebugMsg (NULL, 0, 9, "comprss file size", @@ -889,6 +897,10 @@ Returns: return Status; } + if (FileBuffer == NULL) { + return EFI_OUT_OF_RESOURCES; + } + if (InputLength == 0) { Error (NULL, 0, 2000, "Invalid parameter", "the size of input file %s can't be zero", InputFileName); return EFI_NOT_FOUND; @@ -1365,7 +1377,9 @@ Returns: // // GuidValue is only required by Guided section. // - if ((SectType != EFI_SECTION_GUID_DEFINED) && (CompareGuid (&VendorGuid, &mZeroGuid) != 0)) { + if ((SectType != EFI_SECTION_GUID_DEFINED) && + (SectionName != NULL) && + (CompareGuid (&VendorGuid, &mZeroGuid) != 0)) { fprintf (stdout, "Warning: the input guid value is not required for this section type %s\n", SectionName); }