From aee257db53c87e5657b9e2c8aa558b58c4ec0fb4 Mon Sep 17 00:00:00 2001 From: Eric Dong Date: Tue, 19 May 2015 09:26:25 +0000 Subject: MdeModulePkg: Fix potential buffer overflow issues. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Eric Dong Reviewed-by: Liming Gao git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17472 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Universal/SetupBrowserDxe/Expression.c | 5 ++++- MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) (limited to 'MdeModulePkg/Universal/SetupBrowserDxe') diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c b/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c index 01e114b0e3..637cfda3f6 100644 --- a/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c +++ b/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c @@ -1561,12 +1561,15 @@ IfrMatch2 ( &BufferSize, HandleBuffer); - } else if (EFI_ERROR (Status)) { + } + + if (EFI_ERROR (Status)) { Result->Type = EFI_IFR_TYPE_UNDEFINED; Status = EFI_SUCCESS; goto Done; } + ASSERT (HandleBuffer != NULL); for ( Index = 0; Index < BufferSize / sizeof(EFI_HANDLE); Index ++) { Status = gBS->HandleProtocol ( HandleBuffer[Index], diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c b/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c index 8ddc449e69..3785c32f3c 100644 --- a/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c +++ b/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c @@ -2144,6 +2144,7 @@ ParseOpCodes ( // Option // case EFI_IFR_ONE_OF_OPTION_OP: + ASSERT (ParentStatement != NULL); if (ParentStatement->Operand == EFI_IFR_ORDERED_LIST_OP && ((((EFI_IFR_ONE_OF_OPTION *) OpCodeData)->Flags & (EFI_IFR_OPTION_DEFAULT | EFI_IFR_OPTION_DEFAULT_MFG)) != 0)) { // // It's keep the default value for ordered list opcode. @@ -2198,7 +2199,6 @@ ParseOpCodes ( CopyMem (CurrentOption->SuppressExpression->Expression, GetConditionalExpressionList(ExpressOption), (UINTN) (sizeof (FORM_EXPRESSION *) * ConditionalExprCount)); } - ASSERT (ParentStatement != NULL); // // Insert to Option list of current Question // -- cgit v1.2.3