From 02a758cb0b5bc8775d95e0a52acc483f850124a1 Mon Sep 17 00:00:00 2001 From: sfu5 Date: Sat, 8 Oct 2011 02:55:30 +0000 Subject: Add pointer check for NULL before dereference it. Signed-off-by: sfu5 Reviewed-by: xdu2 Reviewed-by: ydong10 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12514 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Library/UefiHiiLib/HiiLib.c | 4 +- NetworkPkg/Ip6Dxe/Ip6Nd.c | 48 +++++--- NetworkPkg/IpSecDxe/Ikev2/Payload.c | 36 +++++- NetworkPkg/IpSecDxe/Ikev2/Sa.c | 137 +++++++++++++++++++-- NetworkPkg/IpSecDxe/Ikev2/Utility.c | 4 +- NetworkPkg/IpSecDxe/IpSecConfigImpl.c | 12 +- NetworkPkg/IpSecDxe/IpSecImpl.c | 1 + .../Library/UefiFileHandleLib/UefiFileHandleLib.c | 3 + ShellPkg/Library/UefiShellLib/UefiShellLib.c | 3 + 9 files changed, 211 insertions(+), 37 deletions(-) diff --git a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c index ea347fd82a..a87441e2c0 100644 --- a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c +++ b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c @@ -2446,9 +2446,7 @@ InternalHiiGrowOpCodeHandle ( OpCodeBuffer->BufferSize + (Size + HII_LIB_OPCODE_ALLOCATION_SIZE), OpCodeBuffer->Buffer ); - if (Buffer == NULL) { - return NULL; - } + ASSERT (Buffer != NULL); OpCodeBuffer->Buffer = Buffer; OpCodeBuffer->BufferSize += (Size + HII_LIB_OPCODE_ALLOCATION_SIZE); } diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.c b/NetworkPkg/Ip6Dxe/Ip6Nd.c index 47ef74be52..4bcf1a6d44 100644 --- a/NetworkPkg/Ip6Dxe/Ip6Nd.c +++ b/NetworkPkg/Ip6Dxe/Ip6Nd.c @@ -1497,13 +1497,16 @@ Ip6ProcessNeighborSolicit ( goto Exit; } else { OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH); - Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL); + if (OptionLen != 0) { + Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL); + ASSERT (Option != NULL); - // - // All included options should have a length that is greater than zero. - // - if (!Ip6IsNDOptionValid (Option, OptionLen)) { - goto Exit; + // + // All included options should have a length that is greater than zero. + // + if (!Ip6IsNDOptionValid (Option, OptionLen)) { + goto Exit; + } } } @@ -1733,13 +1736,16 @@ Ip6ProcessNeighborAdvertise ( goto Exit; } else { OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH); - Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL); + if (OptionLen != 0) { + Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL); + ASSERT (Option != NULL); - // - // All included options should have a length that is greater than zero. - // - if (!Ip6IsNDOptionValid (Option, OptionLen)) { - goto Exit; + // + // All included options should have a length that is greater than zero. + // + if (!Ip6IsNDOptionValid (Option, OptionLen)) { + goto Exit; + } } } @@ -1982,10 +1988,13 @@ Ip6ProcessRouterAdvertise ( // All included options have a length that is greater than zero. // OptionLen = (UINT16) (Head->PayloadLength - IP6_RA_LENGTH); - Option = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL); + if (OptionLen != 0) { + Option = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL); + ASSERT (Option != NULL); - if (!Ip6IsNDOptionValid (Option, OptionLen)) { - goto Exit; + if (!Ip6IsNDOptionValid (Option, OptionLen)) { + goto Exit; + } } // @@ -2428,10 +2437,13 @@ Ip6ProcessRedirect ( // All included options have a length that is greater than zero. // OptionLen = (UINT16) (Head->PayloadLength - IP6_REDITECT_LENGTH); - Option = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL); + if (OptionLen != 0) { + Option = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL); + ASSERT (Option != NULL); - if (!Ip6IsNDOptionValid (Option, OptionLen)) { - goto Exit; + if (!Ip6IsNDOptionValid (Option, OptionLen)) { + goto Exit; + } } Target = (EFI_IPv6_ADDRESS *) (Icmp + 1); diff --git a/NetworkPkg/IpSecDxe/Ikev2/Payload.c b/NetworkPkg/IpSecDxe/Ikev2/Payload.c index 438b437aec..333074d260 100644 --- a/NetworkPkg/IpSecDxe/Ikev2/Payload.c +++ b/NetworkPkg/IpSecDxe/Ikev2/Payload.c @@ -1,7 +1,7 @@ /** @file The implementation of Payloads Creation. - Copyright (c) 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -311,6 +311,9 @@ Ikev2GenerateCertIdPayload ( &CertSubject, &SubjectSize ); + if (SubjectSize != 0) { + ASSERT (CertSubject != NULL); + } IdSize = sizeof (IKEV2_ID) + SubjectSize; @@ -757,7 +760,7 @@ Ikev2CertGenerateAuthPayload ( &SigSize ); - if (SigSize == 0) { + if (SigSize == 0 || Signature == NULL) { goto EXIT; } } @@ -1231,6 +1234,10 @@ Ikev2GenerateDeletePayload ( // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ // SpiBufSize = (UINT16) (SpiSize * SpiNum); + if (SpiBufSize != 0 && SpiBuf == NULL) { + return NULL; + } + DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize); Del = AllocateZeroPool (DelPayloadLen); @@ -1498,6 +1505,9 @@ Ikev2GenerateCertificatePayload ( Fragment[0].DataSize = PublicKeyLen; HashDataSize = IpSecGetHmacDigestLength (IKE_AALG_SHA1HMAC); HashData = AllocateZeroPool (HashDataSize); + if (HashData == NULL) { + goto ON_EXIT; + } Status = IpSecCryptoIoHash ( IKE_AALG_SHA1HMAC, @@ -2289,6 +2299,10 @@ Ikev2DecodePacket ( IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon); if (SessionCommon->IsInitiator) { IkeSaSession->RespPacket = AllocateZeroPool (IkePacket->Header->Length); + if (IkeSaSession->RespPacket == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->RespPacketSize = IkePacket->Header->Length; CopyMem (IkeSaSession->RespPacket, IkeHeader, sizeof (IKE_HEADER)); CopyMem ( @@ -2298,6 +2312,10 @@ Ikev2DecodePacket ( ); } else { IkeSaSession->InitPacket = AllocateZeroPool (IkePacket->Header->Length); + if (IkeSaSession->InitPacket == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->InitPacketSize = IkePacket->Header->Length; CopyMem (IkeSaSession->InitPacket, IkeHeader, sizeof (IKE_HEADER)); CopyMem ( @@ -2766,6 +2784,8 @@ Ikev2EncryptPacket ( UINTN CryptKeyLength; HASH_DATA_FRAGMENT Fragments[1]; + Status = EFI_SUCCESS; + // // Initial all buffers to NULL. // @@ -2827,6 +2847,10 @@ Ikev2EncryptPacket ( // IvSize = CryptBlockSize; IvBuffer = (UINT8 *) AllocateZeroPool (IvSize); + if (IvBuffer == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto ON_EXIT; + } // // Generate IV @@ -2892,6 +2916,10 @@ Ikev2EncryptPacket ( IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_ENCRYPT; IntegrityBuf = AllocateZeroPool (IkePacket->Header->Length); + if (IntegrityBuf == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto ON_EXIT; + } IntegrityBufSize = IkePacket->Header->Length; IkeHdrHostToNet (IkePacket->Header); @@ -2905,6 +2933,10 @@ Ikev2EncryptPacket ( Fragments[0].DataSize = EncryptPayloadSize + sizeof (IKE_HEADER) - CheckSumSize; CheckSumData = AllocateZeroPool (CheckSumSize); + if (CheckSumData == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto ON_EXIT; + } if (SessionCommon->IsInitiator) { IpSecCryptoIoHmac ( diff --git a/NetworkPkg/IpSecDxe/Ikev2/Sa.c b/NetworkPkg/IpSecDxe/Ikev2/Sa.c index e32d2567ea..ae13e4d1b4 100644 --- a/NetworkPkg/IpSecDxe/Ikev2/Sa.c +++ b/NetworkPkg/IpSecDxe/Ikev2/Sa.c @@ -1496,6 +1496,7 @@ Ikev2GenerateSaKeys ( Digest = NULL; OutputKey = NULL; KeyBuffer = NULL; + Status = EFI_SUCCESS; // // Generate Gxy @@ -1581,6 +1582,10 @@ Ikev2GenerateSaKeys ( 2 * AuthAlgKeyLen + 2 * IntegrityAlgKeyLen; OutputKey = AllocateZeroPool (OutputKeyLength); + if (OutputKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } // // Generate Seven Keymates. @@ -1603,6 +1608,10 @@ Ikev2GenerateSaKeys ( // First, SK_d // IkeSaSession->IkeKeys->SkdKey = AllocateZeroPool (PrfAlgKeyLen); + if (IkeSaSession->IkeKeys->SkdKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkdKeySize = PrfAlgKeyLen; CopyMem (IkeSaSession->IkeKeys->SkdKey, OutputKey, PrfAlgKeyLen); @@ -1612,6 +1621,10 @@ Ikev2GenerateSaKeys ( // Second, Sk_ai // IkeSaSession->IkeKeys->SkAiKey = AllocateZeroPool (IntegrityAlgKeyLen); + if (IkeSaSession->IkeKeys->SkAiKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkAiKeySize = IntegrityAlgKeyLen; CopyMem (IkeSaSession->IkeKeys->SkAiKey, OutputKey + PrfAlgKeyLen, IntegrityAlgKeyLen); @@ -1621,6 +1634,10 @@ Ikev2GenerateSaKeys ( // Third, Sk_ar // IkeSaSession->IkeKeys->SkArKey = AllocateZeroPool (IntegrityAlgKeyLen); + if (IkeSaSession->IkeKeys->SkArKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkArKeySize = IntegrityAlgKeyLen; CopyMem ( IkeSaSession->IkeKeys->SkArKey, @@ -1634,6 +1651,10 @@ Ikev2GenerateSaKeys ( // Fourth, Sk_ei // IkeSaSession->IkeKeys->SkEiKey = AllocateZeroPool (EncryptAlgKeyLen); + if (IkeSaSession->IkeKeys->SkEiKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkEiKeySize = EncryptAlgKeyLen; CopyMem ( @@ -1651,6 +1672,10 @@ Ikev2GenerateSaKeys ( // Fifth, Sk_er // IkeSaSession->IkeKeys->SkErKey = AllocateZeroPool (EncryptAlgKeyLen); + if (IkeSaSession->IkeKeys->SkErKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkErKeySize = EncryptAlgKeyLen; CopyMem ( @@ -1668,6 +1693,10 @@ Ikev2GenerateSaKeys ( // Sixth, Sk_pi // IkeSaSession->IkeKeys->SkPiKey = AllocateZeroPool (AuthAlgKeyLen); + if (IkeSaSession->IkeKeys->SkPiKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkPiKeySize = AuthAlgKeyLen; CopyMem ( @@ -1685,6 +1714,10 @@ Ikev2GenerateSaKeys ( // Seventh, Sk_pr // IkeSaSession->IkeKeys->SkPrKey = AllocateZeroPool (AuthAlgKeyLen); + if (IkeSaSession->IkeKeys->SkPrKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } IkeSaSession->IkeKeys->SkPrKeySize = AuthAlgKeyLen; CopyMem ( @@ -1709,6 +1742,31 @@ Exit: if (OutputKey != NULL) { FreePool (OutputKey); } + + if (EFI_ERROR(Status)) { + if (IkeSaSession->IkeKeys->SkdKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkdKey); + } + if (IkeSaSession->IkeKeys->SkAiKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkAiKey); + } + if (IkeSaSession->IkeKeys->SkArKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkArKey); + } + if (IkeSaSession->IkeKeys->SkEiKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkEiKey); + } + if (IkeSaSession->IkeKeys->SkErKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkErKey); + } + if (IkeSaSession->IkeKeys->SkPiKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkPiKey); + } + if (IkeSaSession->IkeKeys->SkPrKey != NULL) { + FreePool (IkeSaSession->IkeKeys->SkPrKey); + } + } + return Status; } @@ -1737,6 +1795,9 @@ Ikev2GenerateChildSaKeys ( UINT8* OutputKey; UINTN OutputKeyLength; + Status = EFI_SUCCESS; + OutputKey = NULL; + if (KePayload != NULL) { // // Generate Gxy @@ -1760,7 +1821,8 @@ Ikev2GenerateChildSaKeys ( OutputKeyLength = 2 * EncryptAlgKeyLen + 2 * IntegrityAlgKeyLen; if ((EncryptAlgKeyLen == 0) || (IntegrityAlgKeyLen == 0)) { - return EFI_UNSUPPORTED; + Status = EFI_UNSUPPORTED; + goto Exit; } // @@ -1769,6 +1831,10 @@ Ikev2GenerateChildSaKeys ( // otherwise, KEYMAT = prf+(SK_d, Ni | Nr ) // OutputKey = AllocateZeroPool (OutputKeyLength); + if (OutputKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } // // Derive Key from the SkdKey Buffer. @@ -1784,8 +1850,7 @@ Ikev2GenerateChildSaKeys ( ); if (EFI_ERROR (Status)) { - FreePool (OutputKey); - return Status; + goto Exit; } // @@ -1800,6 +1865,10 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); + if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } CopyMem ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey, @@ -1813,7 +1882,11 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); - + if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + CopyMem ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey, OutputKey + EncryptAlgKeyLen, @@ -1826,7 +1899,11 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); - + if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + CopyMem ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey, OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen, @@ -1839,6 +1916,10 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); + if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } CopyMem ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey, @@ -1852,7 +1933,11 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); - + if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + CopyMem ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey, OutputKey, @@ -1865,7 +1950,11 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); - + if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + CopyMem ( ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey, OutputKey + EncryptAlgKeyLen, @@ -1878,7 +1967,11 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); - + if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + CopyMem ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey, OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen, @@ -1891,7 +1984,11 @@ Ikev2GenerateChildSaKeys ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); - + if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) { + Status = EFI_OUT_OF_RESOURCES; + goto Exit; + } + CopyMem ( ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey, OutputKey + 2 * EncryptAlgKeyLen + IntegrityAlgKeyLen, @@ -1920,7 +2017,27 @@ Ikev2GenerateChildSaKeys ( IntegrityAlgKeyLen ); - FreePool (OutputKey); + + +Exit: + if (EFI_ERROR (Status)) { + if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey != NULL) { + FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey); + } + if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey != NULL) { + FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey); + } + if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey != NULL) { + FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey); + } + if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey != NULL) { + FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey); + } + } + + if (OutputKey != NULL) { + FreePool (OutputKey); + } return EFI_SUCCESS; } diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.c b/NetworkPkg/IpSecDxe/Ikev2/Utility.c index 4c461b3742..80720ffb03 100644 --- a/NetworkPkg/IpSecDxe/Ikev2/Utility.c +++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.c @@ -1,7 +1,7 @@ /** @file The Common operations used by IKE Exchange Process. - Copyright (c) 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -947,6 +947,7 @@ Ikev2ChildSaSilentDelete ( // IsRemoteFound = TRUE; RemoteSelector = AllocateZeroPool (SelectorSize); + ASSERT (RemoteSelector != NULL); CopyMem (RemoteSelector, Selector, SelectorSize); } @@ -957,6 +958,7 @@ Ikev2ChildSaSilentDelete ( // IsLocalFound = TRUE; LocalSelector = AllocateZeroPool (SelectorSize); + ASSERT (LocalSelector != NULL); CopyMem (LocalSelector, Selector, SelectorSize); } } diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c index 87f85e7ca6..6eabfe45de 100644 --- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c @@ -1,7 +1,7 @@ /** @file The implementation of IPSEC_CONFIG_PROTOCOL. - Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -2196,6 +2196,10 @@ IpSecGetVariable ( VariableNameISizeNew, VariableNameI ); + if (VariableNameI == NULL) { + Status = EFI_OUT_OF_RESOURCES; + break; + } VariableNameISize = VariableNameISizeNew; Status = gRT->GetNextVariableName ( @@ -2272,7 +2276,9 @@ IpSecGetVariable ( } ON_EXIT: - FreePool (VariableNameI); + if (VariableNameI != NULL) { + FreePool (VariableNameI); + } return Status; } @@ -2700,7 +2706,7 @@ IpSecCopyPolicyEntry ( Buffer->Capacity += EntrySize; TempPoint = AllocatePool (Buffer->Capacity); - if (Buffer->Ptr == NULL) { + if (TempPoint == NULL) { return EFI_OUT_OF_RESOURCES; } // diff --git a/NetworkPkg/IpSecDxe/IpSecImpl.c b/NetworkPkg/IpSecDxe/IpSecImpl.c index 4737257809..50cd4d8540 100644 --- a/NetworkPkg/IpSecDxe/IpSecImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecImpl.c @@ -1237,6 +1237,7 @@ IpSecTunnelOutboundPacket ( ); } else { InnerHead = AllocateZeroPool (sizeof (EFI_IP6_HEADER) + *OptionsLength); + ASSERT (InnerHead != NULL); CopyMem ( InnerHead, IpHead, diff --git a/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c b/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c index a4820c9970..116c78f38b 100644 --- a/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c +++ b/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c @@ -765,6 +765,9 @@ StrnCatGrowLeft ( } else { *Destination = AllocateZeroPool(Count+sizeof(CHAR16)); } + if (*Destination == NULL) { + return NULL; + } CopySize = StrSize(*Destination); CopyMem((*Destination)+((Count-2)/sizeof(CHAR16)), *Destination, CopySize); diff --git a/ShellPkg/Library/UefiShellLib/UefiShellLib.c b/ShellPkg/Library/UefiShellLib/UefiShellLib.c index 598a2b479a..06e2386378 100644 --- a/ShellPkg/Library/UefiShellLib/UefiShellLib.c +++ b/ShellPkg/Library/UefiShellLib/UefiShellLib.c @@ -1933,6 +1933,9 @@ InternalCommandLineParse ( // initialize the linked list // *CheckPackage = (LIST_ENTRY*)AllocateZeroPool(sizeof(LIST_ENTRY)); + if (*CheckPackage == NULL) { + return EFI_OUT_OF_RESOURCES; + } InitializeListHead(*CheckPackage); // -- cgit v1.2.3