Add more code robustness check for modules under MdeModulePkg.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10108 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
rsun3 2010-02-26 08:53:27 +00:00
parent 4ccd9566c1
commit d2fbaaab17
8 changed files with 30 additions and 17 deletions

View File

@ -1016,7 +1016,7 @@ CoreFwVolEventProtocolNotify (
FvIsBeingProcesssed (FvHandle);
Status = CoreHandleProtocol (FvHandle, &gEfiFirmwareVolume2ProtocolGuid, (VOID **)&Fv);
if (EFI_ERROR (Status)) {
if (EFI_ERROR (Status) || Fv == NULL) {
//
// FvHandle must have Firmware Volume2 protocol thus we should never get here.
//

View File

@ -3,7 +3,7 @@
Layers on top of Firmware Block protocol to produce a file abstraction
of FV based files.
Copyright (c) 2006 - 2008, Intel Corporation. <BR>
Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -565,6 +565,7 @@ NotifyFwVolBlock (
if (EFI_ERROR (Status)) {
return;
}
ASSERT (FwVolHeader != NULL);
if (!VerifyFvHeaderChecksum (FwVolHeader)) {
CoreFreePool (FwVolHeader);

View File

@ -3,7 +3,7 @@
The GCD services are used to manage the memory and I/O regions that
are accessible to the CPU that is executing the DXE core.
Copyright (c) 2006 - 2008, Intel Corporation. <BR>
Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -599,6 +599,7 @@ CoreConvertSpace (
goto Done;
}
ASSERT (StartLink != NULL && EndLink != NULL);
//
// Verify that the list of descriptors are unallocated non-existent memory.
@ -684,6 +685,7 @@ CoreConvertSpace (
Status = EFI_OUT_OF_RESOURCES;
goto Done;
}
ASSERT (TopEntry != NULL && BottomEntry != NULL);
if (Operation == GCD_SET_ATTRIBUTES_MEMORY_OPERATION) {
//
@ -692,7 +694,7 @@ CoreConvertSpace (
CpuArchAttributes = ConverToCpuArchAttributes (Attributes);
if ( CpuArchAttributes != INVALID_CPU_ARCH_ATTRIBUTES ) {
Status = CoreLocateProtocol (&gEfiCpuArchProtocolGuid, NULL, (VOID **)&CpuArch);
if (EFI_ERROR (Status)) {
if (EFI_ERROR (Status) || CpuArch == NULL) {
Status = EFI_ACCESS_DENIED;
goto Done;
}
@ -926,6 +928,7 @@ CoreAllocateSpace (
Status = EFI_NOT_FOUND;
goto Done;
}
ASSERT (StartLink != NULL && EndLink != NULL);
//
// Verify that the list of descriptors are unallocated memory matching GcdMemoryType.
@ -1009,6 +1012,7 @@ CoreAllocateSpace (
Status = EFI_NOT_FOUND;
goto Done;
}
ASSERT (StartLink != NULL && EndLink != NULL);
Link = StartLink;
//
@ -1044,6 +1048,7 @@ CoreAllocateSpace (
Status = EFI_OUT_OF_RESOURCES;
goto Done;
}
ASSERT (TopEntry != NULL && BottomEntry != NULL);
//
// Convert/Insert the list of descriptors from StartLink to EndLink
@ -1330,6 +1335,7 @@ CoreGetMemorySpaceDescriptor (
if (EFI_ERROR (Status)) {
Status = EFI_NOT_FOUND;
} else {
ASSERT (StartLink != NULL && EndLink != NULL);
//
// Copy the contents of the found descriptor into Descriptor
//
@ -1609,6 +1615,7 @@ CoreGetIoSpaceDescriptor (
if (EFI_ERROR (Status)) {
Status = EFI_NOT_FOUND;
} else {
ASSERT (StartLink != NULL && EndLink != NULL);
//
// Copy the contents of the found descriptor into Descriptor
//

View File

@ -1,7 +1,7 @@
/** @file
Support functions to connect/disconnect UEFI Driver model Protocol
Copyright (c) 2006 - 2008, Intel Corporation. <BR>
Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -766,7 +766,7 @@ CoreDisconnectController (
&gEfiDriverBindingProtocolGuid,
(VOID **)&DriverBinding
);
if (EFI_ERROR (Status)) {
if (EFI_ERROR (Status) || DriverBinding == NULL) {
Status = EFI_INVALID_PARAMETER;
goto Done;
}

View File

@ -1,7 +1,7 @@
/** @file
Locate handle functions
Copyright (c) 2006 - 2009, Intel Corporation. <BR>
Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -200,6 +200,7 @@ CoreLocateHandle (
return Status;
}
ASSERT (GetNext != NULL);
//
// Enumerate out the matching handles
//
@ -246,6 +247,7 @@ CoreLocateHandle (
// If this is a search by register notify and a handle was
// returned, update the register notification position
//
ASSERT (SearchKey != NULL);
ProtNotify = SearchKey;
ProtNotify->Position = ProtNotify->Position->ForwardLink;
}

View File

@ -1,7 +1,7 @@
/** @file
Core image handling services to load and unload PeImage.
Copyright (c) 2006 - 2009, Intel Corporation. <BR>
Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -603,7 +603,7 @@ CoreLoadPeImage (
// Locate the EBC interpreter protocol
//
Status = CoreLocateProtocol (&gEfiEbcProtocolGuid, NULL, (VOID **)&Image->Ebc);
if (EFI_ERROR(Status)) {
if (EFI_ERROR(Status) || Image->Ebc == NULL) {
DEBUG ((DEBUG_LOAD | DEBUG_ERROR, "CoreLoadPeImage: There is no EBC interpreter for an EBC image.\n"));
goto Done;
}
@ -1095,12 +1095,13 @@ CoreLoadImageCommon (
// Pull out just the file portion of the DevicePath for the LoadedImage FilePath
//
FilePath = OriginalFilePath;
if (DeviceHandle != NULL) {
Status = CoreHandleProtocol (DeviceHandle, &gEfiDevicePathProtocolGuid, (VOID **)&HandleFilePath);
if (!EFI_ERROR (Status)) {
FilePathSize = GetDevicePathSize (HandleFilePath) - sizeof(EFI_DEVICE_PATH_PROTOCOL);
FilePath = (EFI_DEVICE_PATH_PROTOCOL *) (((UINT8 *)FilePath) + FilePathSize );
}
}
//
// Initialize the fields for an internal driver
//

View File

@ -27,7 +27,7 @@
3) A support protocol is not found, and the data is not available to be read
without it. This results in EFI_PROTOCOL_ERROR.
Copyright (c) 2006 - 2008, Intel Corporation. <BR>
Copyright (c) 2006 - 2010, Intel Corporation. <BR>
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -635,7 +635,7 @@ CreateChildNode (
GuidedHeader = (EFI_GUID_DEFINED_SECTION *) SectionHeader;
Node->EncapsulationGuid = &GuidedHeader->SectionDefinitionGuid;
Status = CoreLocateProtocol (Node->EncapsulationGuid, NULL, (VOID **)&GuidedExtraction);
if (!EFI_ERROR (Status)) {
if (!EFI_ERROR (Status) && GuidedExtraction != NULL) {
//
// NewStreamBuffer is always allocated by ExtractSection... No caller
// allocation here.
@ -877,6 +877,7 @@ FindChildNode (
if (EFI_ERROR (Status)) {
return Status;
}
ASSERT (CurrentChildNode != NULL);
} else {
ASSERT (EFI_ERROR (ErrorStatus));
return ErrorStatus;

View File

@ -40,7 +40,7 @@
If one of them is not satisfied, FtwWrite may fail.
Usually, Spare area only takes one block. That's SpareAreaLength = BlockSize, NumberOfSpareBlock = 1.
Copyright (c) 2006 - 2009, Intel Corporation
Copyright (c) 2006 - 2010, Intel Corporation
All rights reserved. This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@ -837,6 +837,7 @@ FtwGetLastWrite (
*Complete = TRUE;
return EFI_NOT_FOUND;
}
ASSERT (Record != NULL);
}
//