Add more code robustness checks for modules under MdeModulePkg.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10108 6f19259b-4bc3-4df7-8a09-765794883524
rsun3 2010-02-26 08:53:27 +00:00
parent 4ccd9566c1
commit d2fbaaab17
8 changed files with 30 additions and 17 deletions


@ -1016,7 +1016,7 @@ CoreFwVolEventProtocolNotify (
FvIsBeingProcesssed (FvHandle); FvIsBeingProcesssed (FvHandle);
Status = CoreHandleProtocol (FvHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **)&Fv); Status = CoreHandleProtocol (FvHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **)&Fv);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status) || Fv == NULL) {
// //
// FvHandle must have Firmware Volume2 protocol thus we should never get here. // FvHandle must have Firmware Volume2 protocol thus we should never get here.
// //


@ -3,7 +3,7 @@
Layers on top of Firmware Block protocol to produce a file abstraction Layers on top of Firmware Block protocol to produce a file abstraction
of FV based files. of FV based files.
Copyright (c) 2006 - 2008, Intel Corporation. <BR> Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -565,6 +565,7 @@ NotifyFwVolBlock (
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return; return;
} }
ASSERT (FwVolHeader != NULL);
if (!VerifyFvHeaderChecksum (FwVolHeader)) { if (!VerifyFvHeaderChecksum (FwVolHeader)) {
CoreFreePool (FwVolHeader); CoreFreePool (FwVolHeader);
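Review bot: `ASSERT (FwVolHeader != NULL);` protects the pointer only in builds where assertions are enabled; where ASSERT() is compiled out or disabled, a NULL header would still reach `VerifyFvHeaderChecksum (FwVolHeader)` on the next line. This commit already uses a runtime test for the same situation elsewhere (`if (EFI_ERROR (Status) || Fv == NULL)`), so the preceding check could become `if (EFI_ERROR (Status) || FwVolHeader == NULL) { return; }`, with the ASSERT kept only to document the invariant. The same applies to the ASSERT-only additions in CoreConvertSpace, CoreAllocateSpace, CoreGetMemorySpaceDescriptor, CoreGetIoSpaceDescriptor, CoreLocateHandle, FindChildNode and FtwGetLastWrite. NotifyFwVolBlock starts and ends outside the hunk, so whether the helper can actually report success with a NULL header cannot be confirmed from here.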


@ -3,7 +3,7 @@
The GCD services are used to manage the memory and I/O regions that The GCD services are used to manage the memory and I/O regions that
are accessible to the CPU that is executing the DXE core. are accessible to the CPU that is executing the DXE core.
Copyright (c) 2006 - 2008, Intel Corporation. <BR> Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -599,6 +599,7 @@ CoreConvertSpace (
goto Done; goto Done;
} }
ASSERT (StartLink != NULL && EndLink != NULL);
// //
// Verify that the list of descriptors are unallocated non-existent memory. // Verify that the list of descriptors are unallocated non-existent memory.
@ -684,6 +685,7 @@ CoreConvertSpace (
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto Done; goto Done;
} }
ASSERT (TopEntry != NULL && BottomEntry != NULL);
if (Operation == GCD_SET_ATTRIBUTES_MEMORY_OPERATION) { if (Operation == GCD_SET_ATTRIBUTES_MEMORY_OPERATION) {
// //
@ -692,7 +694,7 @@ CoreConvertSpace (
CpuArchAttributes = ConverToCpuArchAttributes (Attributes); CpuArchAttributes = ConverToCpuArchAttributes (Attributes);
if ( CpuArchAttributes != INVALID_CPU_ARCH_ATTRIBUTES ) { if ( CpuArchAttributes != INVALID_CPU_ARCH_ATTRIBUTES ) {
Status = CoreLocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID **)&CpuArch); Status = CoreLocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID **)&CpuArch);
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status) || CpuArch == NULL) {
Status = EFI_ACCESS_DENIED; Status = EFI_ACCESS_DENIED;
goto Done; goto Done;
} }
@ -926,6 +928,7 @@ CoreAllocateSpace (
Status = EFI_NOT_FOUND; Status = EFI_NOT_FOUND;
goto Done; goto Done;
} }
ASSERT (StartLink != NULL && EndLink != NULL);
// //
// Verify that the list of descriptors are unallocated memory matching GcdMemoryType. // Verify that the list of descriptors are unallocated memory matching GcdMemoryType.
@ -1009,6 +1012,7 @@ CoreAllocateSpace (
Status = EFI_NOT_FOUND; Status = EFI_NOT_FOUND;
goto Done; goto Done;
} }
ASSERT (StartLink != NULL && EndLink != NULL);
Link = StartLink; Link = StartLink;
// //
@ -1044,6 +1048,7 @@ CoreAllocateSpace (
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
goto Done; goto Done;
} }
ASSERT (TopEntry != NULL && BottomEntry != NULL);
// //
// Convert/Insert the list of descriptors from StartLink to EndLink // Convert/Insert the list of descriptors from StartLink to EndLink
@ -1330,6 +1335,7 @@ CoreGetMemorySpaceDescriptor (
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
Status = EFI_NOT_FOUND; Status = EFI_NOT_FOUND;
} else { } else {
ASSERT (StartLink != NULL && EndLink != NULL);
// //
// Copy the contents of the found descriptor into Descriptor // Copy the contents of the found descriptor into Descriptor
// //
@ -1609,6 +1615,7 @@ CoreGetIoSpaceDescriptor (
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
Status = EFI_NOT_FOUND; Status = EFI_NOT_FOUND;
} else { } else {
ASSERT (StartLink != NULL && EndLink != NULL);
// //
// Copy the contents of the found descriptor into Descriptor // Copy the contents of the found descriptor into Descriptor
// //


@ -1,7 +1,7 @@
/** @file /** @file
Support functions to connect/disconnect UEFI Driver model Protocol Support functions to connect/disconnect UEFI Driver model Protocol
Copyright (c) 2006 - 2008, Intel Corporation. <BR> Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -766,7 +766,7 @@ CoreDisconnectController (
&gEfiDriverBindingProtocolGuid, &gEfiDriverBindingProtocolGuid,
(VOID **)&DriverBinding (VOID **)&DriverBinding
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status) || DriverBinding == NULL) {
Status = EFI_INVALID_PARAMETER; Status = EFI_INVALID_PARAMETER;
goto Done; goto Done;
} }


@ -1,7 +1,7 @@
/** @file /** @file
Locate handle functions Locate handle functions
Copyright (c) 2006 - 2009, Intel Corporation. <BR> Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -200,6 +200,7 @@ CoreLocateHandle (
return Status; return Status;
} }
ASSERT (GetNext != NULL);
// //
// Enumerate out the matching handles // Enumerate out the matching handles
// //
@ -246,6 +247,7 @@ CoreLocateHandle (
// If this is a search by register notify and a handle was // If this is a search by register notify and a handle was
// returned, update the register notification position // returned, update the register notification position
// //
ASSERT (SearchKey != NULL);
ProtNotify = SearchKey; ProtNotify = SearchKey;
ProtNotify->Position = ProtNotify->Position->ForwardLink; ProtNotify->Position = ProtNotify->Position->ForwardLink;
} }
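Review bot: SearchKey appears to be the caller-supplied argument of CoreLocateHandle, so `ASSERT (SearchKey != NULL);` before `ProtNotify = SearchKey;` is only sufficient if a NULL key was already rejected with an error earlier in the function, which is outside this hunk. If it was, a short comment such as `// SearchKey was rejected if NULL when the search type was validated above` would make that dependency visible. If it was not, the argument should be refused at runtime with `EFI_INVALID_PARAMETER` rather than asserted, because a service argument is input and not an internal invariant. `ProtNotify->Position` is also dereferenced on the following line with no comparable check.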


@ -1,7 +1,7 @@
/** @file /** @file
Core image handling services to load and unload PeImage. Core image handling services to load and unload PeImage.
Copyright (c) 2006 - 2009, Intel Corporation. <BR> Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -603,7 +603,7 @@ CoreLoadPeImage (
// Locate the EBC interpreter protocol // Locate the EBC interpreter protocol
// //
Status = CoreLocateProtocol (&gEfiEbcProtocolGuid, NULL, (VOID **)&Image->Ebc); Status = CoreLocateProtocol (&gEfiEbcProtocolGuid, NULL, (VOID **)&Image->Ebc);
if (EFI_ERROR(Status)) { if (EFI_ERROR(Status) || Image->Ebc == NULL) {
DEBUG ((DEBUG_LOAD | DEBUG_ERROR, "CoreLoadPeImage: There is no EBC interpreter for an EBC image.\n")); DEBUG ((DEBUG_LOAD | DEBUG_ERROR, "CoreLoadPeImage: There is no EBC interpreter for an EBC image.\n"));
goto Done; goto Done;
} }
@ -1095,12 +1095,13 @@ CoreLoadImageCommon (
// Pull out just the file portion of the DevicePath for the LoadedImage FilePath // Pull out just the file portion of the DevicePath for the LoadedImage FilePath
// //
FilePath = OriginalFilePath; FilePath = OriginalFilePath;
Status = CoreHandleProtocol (DeviceHandle, &gEfiDevicePathProtocolGuid, (VOID **)&HandleFilePath); if (DeviceHandle != NULL) {
if (!EFI_ERROR (Status)) { Status = CoreHandleProtocol (DeviceHandle, &gEfiDevicePathProtocolGuid, (VOID **)&HandleFilePath);
FilePathSize = GetDevicePathSize (HandleFilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL); if (!EFI_ERROR (Status)) {
FilePath = (EFI_DEVICE_PATH_PROTOCOL *) (((UINT8 *)FilePath) + FilePathSize ); FilePathSize = GetDevicePathSize (HandleFilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL);
FilePath = (EFI_DEVICE_PATH_PROTOCOL *) (((UINT8 *)FilePath) + FilePathSize );
}
} }
// //
// Initialize the fields for an internal driver // Initialize the fields for an internal driver
// //
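Review bot: In the CoreLoadPeImage hunk the new `Image->Ebc == NULL` branch jumps to `Done` without assigning an error code, so if CoreLocateProtocol ever reports success with a NULL interface, Status is still EFI_SUCCESS when that path runs. The other new NULL branches in this commit set a status first (`Status = EFI_ACCESS_DENIED;`, `Status = EFI_INVALID_PARAMETER;`). Adding something like `if (!EFI_ERROR (Status)) { Status = EFI_NOT_FOUND; }` before the `goto Done;` would keep the failure visible to the caller. What `Done` does with Status is outside the hunk, so the impact is inferred rather than shown.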


@ -27,7 +27,7 @@
3) A support protocol is not found, and the data is not available to be read 3) A support protocol is not found, and the data is not available to be read
without it. This results in EFI_PROTOCOL_ERROR. without it. This results in EFI_PROTOCOL_ERROR.
Copyright (c) 2006 - 2008, Intel Corporation. <BR> Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -635,7 +635,7 @@ CreateChildNode (
GuidedHeader = (EFI_GUID_DEFINED_SECTION *) SectionHeader; GuidedHeader = (EFI_GUID_DEFINED_SECTION *) SectionHeader;
Node->EncapsulationGuid = &GuidedHeader->SectionDefinitionGuid; Node->EncapsulationGuid = &GuidedHeader->SectionDefinitionGuid;
Status = CoreLocateProtocol (Node->EncapsulationGuid, NULL, (VOID **)&GuidedExtraction); Status = CoreLocateProtocol (Node->EncapsulationGuid, NULL, (VOID **)&GuidedExtraction);
if (!EFI_ERROR (Status)) { if (!EFI_ERROR (Status) && GuidedExtraction != NULL) {
// //
// NewStreamBuffer is always allocated by ExtractSection... No caller // NewStreamBuffer is always allocated by ExtractSection... No caller
// allocation here. // allocation here.
@ -877,6 +877,7 @@ FindChildNode (
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
return Status; return Status;
} }
ASSERT (CurrentChildNode != NULL);
} else { } else {
ASSERT (EFI_ERROR (ErrorStatus)); ASSERT (EFI_ERROR (ErrorStatus));
return ErrorStatus; return ErrorStatus;


@ -40,7 +40,7 @@
If one of them is not satisfied, FtwWrite may fail. If one of them is not satisfied, FtwWrite may fail.
Usually, Spare area only takes one block. That's SpareAreaLength = BlockSize, NumberOfSpareBlock = 1. Usually, Spare area only takes one block. That's SpareAreaLength = BlockSize, NumberOfSpareBlock = 1.
Copyright (c) 2006 - 2009, Intel Corporation Copyright (c) 2006 - 2010, Intel Corporation
All rights reserved. This program and the accompanying materials All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -837,6 +837,7 @@ FtwGetLastWrite (
*Complete = TRUE; *Complete = TRUE;
return EFI_NOT_FOUND; return EFI_NOT_FOUND;
} }
ASSERT (Record != NULL);
} }
// //