diff options
author | erictian <erictian@6f19259b-4bc3-4df7-8a09-765794883524> | 2013-04-07 08:43:28 +0000 |
---|---|---|
committer | erictian <erictian@6f19259b-4bc3-4df7-8a09-765794883524> | 2013-04-07 08:43:28 +0000 |
commit | 7a4d52add105b1af8d414ed7db2fc6bd94d69dcd (patch) | |
tree | e21f73f008be9d439c88e00f5bdef16241c8822e | |
parent | e79095b7b7d997bd6481a30eb2e7bf7a421a3ca9 (diff) | |
download | edk2-platforms-7a4d52add105b1af8d414ed7db2fc6bd94d69dcd.tar.xz |
MdeMdeModulePkg/UsbBusDxe: Fixed a possible memory leak bug introduced at r14226
The r14226 check-in indeed has memory leak in allocated "Child" pointer. UsbBusDriverBindingStop() may dereference this pointer and may bring exception on invalid memory access
Signed-off-by: Feng Tian <feng.tian@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14251 6f19259b-4bc3-4df7-8a09-765794883524
-rw-r--r-- | MdeModulePkg/Bus/Usb/UsbBusDxe/UsbEnumer.c | 19 |
1 files changed, 14 insertions, 5 deletions
diff --git a/MdeModulePkg/Bus/Usb/UsbBusDxe/UsbEnumer.c b/MdeModulePkg/Bus/Usb/UsbBusDxe/UsbEnumer.c index 8340b72de2..0aa896173d 100644 --- a/MdeModulePkg/Bus/Usb/UsbBusDxe/UsbEnumer.c +++ b/MdeModulePkg/Bus/Usb/UsbBusDxe/UsbEnumer.c @@ -814,11 +814,20 @@ UsbEnumerateNewDev ( return EFI_SUCCESS;
ON_ERROR:
-
- if (Child != NULL) {
- UsbFreeDevice (Child);
- }
-
+ //
+ // If reach here, it means the enumeration process on a given port is interrupted due to error.
+ // The s/w resources, including the assigned address(Address) and the allocated usb device data
+ // structure(Bus->Devices[Address]), will NOT be freed here. These resources will be freed when
+ // the device is unplugged from the port or DriverBindingStop() is invoked.
+ //
+ // This way is used to co-work with the lower layer EDKII UHCI/EHCI/XHCI host controller driver.
+ // It's mainly because to keep UEFI spec unchanged EDKII XHCI driver have to maintain a state machine
+ // to keep track of the mapping between actual address and request address. If the request address
+ // (Address) is freed here, the Address value will be used by next enumerated device. Then EDKII XHCI
+ // host controller driver will have wrong information, which will cause further transaction error.
+ //
+ // EDKII UHCI/EHCI doesn't get impacted as it's make sense to reserve s/w resource till it gets unplugged.
+ //
return Status;
}
|