File 54228a37-x86-EFI-fix-freeing-of-uninitialized-p... of Package xen.196

Overview Repositories Revisions Requests Users Attributes Meta

File 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch of Package xen.196

# Commit c61690fb76f9a51a8c932d76929b67bd0940febe
# Date 2014-09-24 11:09:11 +0200
# Author Roy Franz <roy.franz@linaro.org>
# Committer Jan Beulich <jbeulich@suse.com>
x86/EFI: fix freeing of uninitialized pointer

The only valid response from the LocateHandle() call is EFI_BUFFER_TOO_SMALL,
so exit if we get anything else.  We pass a 0 size/NULL pointer buffer, so the
only other returns we will get is an error.  Return right away as there is
nothing to do.  Also return if there is an error allocating the buffer, as the
previous code path also allowed for an undefined pointer to be freed.

Signed-off-by: Roy Franz <roy.franz@linaro.org>

Re-structure the change.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

--- a/xen/arch/x86/efi/boot.c
+++ b/xen/arch/x86/efi/boot.c
@@ -595,11 +595,12 @@ static void __init setup_efi_pci(void)
     struct efi_pci_rom *last = NULL;
 
     status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, NULL);
-    if ( status == EFI_BUFFER_TOO_SMALL )
-        status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles);
-    if ( !EFI_ERROR(status) )
-        status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size,
-                                      handles);
+    if ( status != EFI_BUFFER_TOO_SMALL )
+        return;
+    status = efi_bs->AllocatePool(EfiLoaderData, size, (void **)&handles);
+    if ( EFI_ERROR(status) )
+        return;
+    status = efi_bs->LocateHandle(ByProtocol, &pci_guid, NULL, &size, handles);
     if ( EFI_ERROR(status) )
         size = 0;

Places

File 54228a37-x86-EFI-fix-freeing-of-uninitialized-pointer.patch of Package xen.196

Places