From df473cc1fc9acd1a623ec7e05276f2f0635c19d2 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Tue, 7 Jul 2015 11:26:27 +0000 Subject: [PATCH] MdeModulePkg/PartitionDxe: Fix media probe The call in ProbeMediaStatus() to the ReadDisk() function of the EFI_DISK_IO_PROTOCOL interface implemented in DiskIoDxe/DiskIo.c crashed in DiskIo2ReadWriteDisk() because of the NULL value of the destination buffer pointer. Pass the address of a buffer in the stack instead of a NULL pointer. In addition to avoiding the crash, that way, the media probe does not depend anymore on the way the EFI_DISK_IO_PROTOCOL implementation deals with a NULL value of the destination buffer pointer as the UEFI specification does not specify the expected behaviour. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ronald Cron Reviewed-by: Olivier Martin Reviewed-by: Ruiyu Ni git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17859 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c b/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c index 28639b0117..89cc540210 100644 --- a/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c +++ b/MdeModulePkg/Universal/Disk/PartitionDxe/Partition.c @@ -576,11 +576,15 @@ ProbeMediaStatus ( ) { EFI_STATUS Status; + UINT8 Buffer[1]; // - // Read 1 byte from offset 0 but passing NULL as buffer pointer + // Read 1 byte from offset 0 to check if the MediaId is still valid. + // The reading operation is synchronious thus it is not worth it to + // allocate a buffer from the pool. The destination buffer for the + // data is in the stack. // - Status = DiskIo->ReadDisk (DiskIo, MediaId, 0, 1, NULL); + Status = DiskIo->ReadDisk (DiskIo, MediaId, 0, 1, (VOID*)Buffer); if ((Status == EFI_NO_MEDIA) || (Status == EFI_MEDIA_CHANGED)) { return Status; }