mirror of https://github.com/acidanthera/audk.git
74f6ce6734
This patch fix a use-after-free issue where unregistering an SMI handler could lead to the deletion of the SMI_HANDLER while it is still in use by SmiManage(). The fix involves modifying SmiHandlerUnRegister() to detect whether it is being called from within the SmiManage() stack. If so, the removal of the SMI_HANDLER is deferred until SmiManage() has finished executing. Additionally, due to the possibility of recursive SmiManage() calls, the unregistration and subsequent removal of the SMI_HANDLER are ensured to occur only after the outermost SmiManage() invocation has completed. Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Ray Ni <ray.ni@intel.com> Cc: Laszlo Ersek <lersek@redhat.com> Signed-off-by: Zhiguang Liu <zhiguang.liu@intel.com> |
||
|---|---|---|
| .. | ||
| Dependency.c | ||
| Dispatcher.c | ||
| Handle.c | ||
| HeapGuard.c | ||
| HeapGuard.h | ||
| InstallConfigurationTable.c | ||
| Locate.c | ||
| MemoryAttributesTable.c | ||
| Notify.c | ||
| Page.c | ||
| PiSmmCore.c | ||
| PiSmmCore.h | ||
| PiSmmCore.inf | ||
| PiSmmCore.uni | ||
| PiSmmCoreExtra.uni | ||
| PiSmmCorePrivateData.h | ||
| PiSmmIpl.c | ||
| PiSmmIpl.inf | ||
| PiSmmIpl.uni | ||
| PiSmmIplExtra.uni | ||
| Pool.c | ||
| Smi.c | ||
| SmiHandlerProfile.c | ||
| SmramProfileRecord.c | ||