Add pointer check for NULL before dereference it.

author sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>

Sat, 8 Oct 2011 02:55:30 +0000 (02:55 +0000)

committer sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>

Sat, 8 Oct 2011 02:55:30 +0000 (02:55 +0000)
author sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>
Sat, 8 Oct 2011 02:55:30 +0000 (02:55 +0000)
committer sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>
Sat, 8 Oct 2011 02:55:30 +0000 (02:55 +0000)
diff --git a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c

index ea347fd82a7c7a91d6363d587893dbe827c17296..a87441e2c0ed491a428237aee4f7c46614a04b69 100644 (file)
--- a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
+++ b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
@@ -2446,9 +2446,7 @@ InternalHiiGrowOpCodeHandle (
                OpCodeBuffer->BufferSize + (Size + HII_LIB_OPCODE_ALLOCATION_SIZE),\r
                OpCodeBuffer->Buffer\r
                );\r
                OpCodeBuffer->BufferSize + (Size + HII_LIB_OPCODE_ALLOCATION_SIZE),\r
                OpCodeBuffer->Buffer\r
                );\r
-    if (Buffer == NULL) {\r
-      return NULL;\r
-    }\r
+    ASSERT (Buffer != NULL);\r
      OpCodeBuffer->Buffer = Buffer;\r
      OpCodeBuffer->BufferSize += (Size + HII_LIB_OPCODE_ALLOCATION_SIZE);\r
    }\r
      OpCodeBuffer->Buffer = Buffer;\r
      OpCodeBuffer->BufferSize += (Size + HII_LIB_OPCODE_ALLOCATION_SIZE);\r
    }\r
diff --git a/NetworkPkg/Ip6Dxe/Ip6Nd.c b/NetworkPkg/Ip6Dxe/Ip6Nd.c

index 47ef74be52a866f3eec7ac40d3197745b959f37c..4bcf1a6d44a3a118c11b19cdb0a2ae006edf9cea 100644 (file)
--- a/NetworkPkg/Ip6Dxe/Ip6Nd.c
+++ b/NetworkPkg/Ip6Dxe/Ip6Nd.c
@@ -1497,13 +1497,16 @@ Ip6ProcessNeighborSolicit (
      goto Exit;\r
    } else {\r
      OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);\r
      goto Exit;\r
    } else {\r
      OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);\r
-    Option    = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+    if (OptionLen != 0) {\r
+      Option    = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+      ASSERT (Option != NULL);\r
  \r
  \r
-    //\r
-    // All included options should have a length that is greater than zero.\r
-    //\r
-    if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
-      goto Exit;\r
+      //\r
+      // All included options should have a length that is greater than zero.\r
+      //\r
+      if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+        goto Exit;\r
+      }\r
      }\r
    }\r
  \r
      }\r
    }\r
  \r
@@ -1733,13 +1736,16 @@ Ip6ProcessNeighborAdvertise (
      goto Exit;\r
    } else {\r
      OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);\r
      goto Exit;\r
    } else {\r
      OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);\r
-    Option    = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+    if (OptionLen != 0) {\r
+      Option    = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);\r
+      ASSERT (Option != NULL);\r
  \r
  \r
-    //\r
-    // All included options should have a length that is greater than zero.\r
-    //\r
-    if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
-      goto Exit;\r
+      //\r
+      // All included options should have a length that is greater than zero.\r
+      //\r
+      if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+        goto Exit;\r
+      }\r
      }\r
    }\r
  \r
      }\r
    }\r
  \r
@@ -1982,10 +1988,13 @@ Ip6ProcessRouterAdvertise (
    // All included options have a length that is greater than zero.\r
    //\r
    OptionLen = (UINT16) (Head->PayloadLength - IP6_RA_LENGTH);\r
    // All included options have a length that is greater than zero.\r
    //\r
    OptionLen = (UINT16) (Head->PayloadLength - IP6_RA_LENGTH);\r
-  Option    = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL);\r
+  if (OptionLen != 0) {\r
+    Option    = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL);\r
+    ASSERT (Option != NULL);\r
  \r
  \r
-  if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
-    goto Exit;\r
+    if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+      goto Exit;\r
+    }\r
    }\r
  \r
    //\r
    }\r
  \r
    //\r
@@ -2428,10 +2437,13 @@ Ip6ProcessRedirect (
    // All included options have a length that is greater than zero.\r
    //\r
    OptionLen = (UINT16) (Head->PayloadLength - IP6_REDITECT_LENGTH);\r
    // All included options have a length that is greater than zero.\r
    //\r
    OptionLen = (UINT16) (Head->PayloadLength - IP6_REDITECT_LENGTH);\r
-  Option    = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL);\r
+  if (OptionLen != 0) {\r
+    Option    = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL);\r
+    ASSERT (Option != NULL);\r
  \r
  \r
-  if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
-    goto Exit;\r
+    if (!Ip6IsNDOptionValid (Option, OptionLen)) {\r
+      goto Exit;\r
+    }\r
    }\r
  \r
    Target   = (EFI_IPv6_ADDRESS *) (Icmp + 1);\r
    }\r
  \r
    Target   = (EFI_IPv6_ADDRESS *) (Icmp + 1);\r
diff --git a/NetworkPkg/IpSecDxe/Ikev2/Payload.c b/NetworkPkg/IpSecDxe/Ikev2/Payload.c

index 438b437aecd6dc200bd49926863b48cb68c0c282..333074d2606d0c9fae4c72a000c2d6a5c615939b 100644 (file)
--- a/NetworkPkg/IpSecDxe/Ikev2/Payload.c
+++ b/NetworkPkg/IpSecDxe/Ikev2/Payload.c
@@ -1,7 +1,7 @@
  /** @file\r
    The implementation of Payloads Creation.\r
  \r
  /** @file\r
    The implementation of Payloads Creation.\r
  \r
-  Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
  \r
    This program and the accompanying materials\r
    are licensed and made available under the terms and conditions of the BSD License\r
  \r
    This program and the accompanying materials\r
    are licensed and made available under the terms and conditions of the BSD License\r
@@ -311,6 +311,9 @@ Ikev2GenerateCertIdPayload (
      &CertSubject,\r
      &SubjectSize\r
      );\r
      &CertSubject,\r
      &SubjectSize\r
      );\r
+  if (SubjectSize != 0) {\r
+    ASSERT (CertSubject != NULL);\r
+  }\r
  \r
    IdSize = sizeof (IKEV2_ID) + SubjectSize;\r
  \r
  \r
    IdSize = sizeof (IKEV2_ID) + SubjectSize;\r
  \r
@@ -757,7 +760,7 @@ Ikev2CertGenerateAuthPayload (
        &SigSize\r
        );\r
  \r
        &SigSize\r
        );\r
  \r
-    if (SigSize == 0) {\r
+    if (SigSize == 0 || Signature == NULL) {\r
        goto EXIT;\r
      }\r
    }\r
        goto EXIT;\r
      }\r
    }\r
@@ -1231,6 +1234,10 @@ Ikev2GenerateDeletePayload (
    //  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
    //\r
    SpiBufSize    = (UINT16) (SpiSize * SpiNum);\r
    //  +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+\r
    //\r
    SpiBufSize    = (UINT16) (SpiSize * SpiNum);\r
+  if (SpiBufSize != 0 && SpiBuf == NULL) {\r
+    return NULL;\r
+  }\r
+  \r
    DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize);\r
  \r
    Del           = AllocateZeroPool (DelPayloadLen);\r
    DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize);\r
  \r
    Del           = AllocateZeroPool (DelPayloadLen);\r
@@ -1498,6 +1505,9 @@ Ikev2GenerateCertificatePayload (
      Fragment[0].DataSize = PublicKeyLen;\r
      HashDataSize      = IpSecGetHmacDigestLength (IKE_AALG_SHA1HMAC);\r
      HashData          = AllocateZeroPool (HashDataSize);\r
      Fragment[0].DataSize = PublicKeyLen;\r
      HashDataSize      = IpSecGetHmacDigestLength (IKE_AALG_SHA1HMAC);\r
      HashData          = AllocateZeroPool (HashDataSize);\r
+    if (HashData == NULL) {\r
+      goto ON_EXIT;\r
+    }\r
      \r
      Status = IpSecCryptoIoHash (\r
                 IKE_AALG_SHA1HMAC,\r
      \r
      Status = IpSecCryptoIoHash (\r
                 IKE_AALG_SHA1HMAC,\r
@@ -2289,6 +2299,10 @@ Ikev2DecodePacket (
      IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);\r
      if (SessionCommon->IsInitiator) {\r
        IkeSaSession->RespPacket     = AllocateZeroPool (IkePacket->Header->Length);\r
      IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);\r
      if (SessionCommon->IsInitiator) {\r
        IkeSaSession->RespPacket     = AllocateZeroPool (IkePacket->Header->Length);\r
+      if (IkeSaSession->RespPacket == NULL) {\r
+        Status = EFI_OUT_OF_RESOURCES;\r
+        goto Exit; \r
+      }\r
        IkeSaSession->RespPacketSize = IkePacket->Header->Length;\r
        CopyMem (IkeSaSession->RespPacket, IkeHeader, sizeof (IKE_HEADER));\r
        CopyMem (\r
        IkeSaSession->RespPacketSize = IkePacket->Header->Length;\r
        CopyMem (IkeSaSession->RespPacket, IkeHeader, sizeof (IKE_HEADER));\r
        CopyMem (\r
@@ -2298,6 +2312,10 @@ Ikev2DecodePacket (
          );         \r
      } else {\r
        IkeSaSession->InitPacket     = AllocateZeroPool (IkePacket->Header->Length);\r
          );         \r
      } else {\r
        IkeSaSession->InitPacket     = AllocateZeroPool (IkePacket->Header->Length);\r
+      if (IkeSaSession->InitPacket == NULL) {\r
+        Status = EFI_OUT_OF_RESOURCES;\r
+        goto Exit; \r
+      }\r
        IkeSaSession->InitPacketSize = IkePacket->Header->Length;\r
        CopyMem (IkeSaSession->InitPacket, IkeHeader, sizeof (IKE_HEADER));\r
        CopyMem (\r
        IkeSaSession->InitPacketSize = IkePacket->Header->Length;\r
        CopyMem (IkeSaSession->InitPacket, IkeHeader, sizeof (IKE_HEADER));\r
        CopyMem (\r
@@ -2766,6 +2784,8 @@ Ikev2EncryptPacket (
    UINTN                  CryptKeyLength;\r
    HASH_DATA_FRAGMENT     Fragments[1];\r
  \r
    UINTN                  CryptKeyLength;\r
    HASH_DATA_FRAGMENT     Fragments[1];\r
  \r
+  Status = EFI_SUCCESS;\r
+\r
    //\r
    // Initial all buffers to NULL.\r
    //\r
    //\r
    // Initial all buffers to NULL.\r
    //\r
@@ -2827,6 +2847,10 @@ Ikev2EncryptPacket (
    //\r
    IvSize    = CryptBlockSize;\r
    IvBuffer  = (UINT8 *) AllocateZeroPool (IvSize);\r
    //\r
    IvSize    = CryptBlockSize;\r
    IvBuffer  = (UINT8 *) AllocateZeroPool (IvSize);\r
+  if (IvBuffer == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto ON_EXIT;\r
+  }\r
  \r
    //\r
    // Generate IV\r
  \r
    //\r
    // Generate IV\r
@@ -2892,6 +2916,10 @@ Ikev2EncryptPacket (
    IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_ENCRYPT;\r
    \r
    IntegrityBuf                   = AllocateZeroPool (IkePacket->Header->Length);\r
    IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_ENCRYPT;\r
    \r
    IntegrityBuf                   = AllocateZeroPool (IkePacket->Header->Length);\r
+  if (IntegrityBuf == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto ON_EXIT;\r
+  }\r
    IntegrityBufSize               = IkePacket->Header->Length;\r
    IkeHdrHostToNet (IkePacket->Header);\r
  \r
    IntegrityBufSize               = IkePacket->Header->Length;\r
    IkeHdrHostToNet (IkePacket->Header);\r
  \r
@@ -2905,6 +2933,10 @@ Ikev2EncryptPacket (
    Fragments[0].DataSize = EncryptPayloadSize + sizeof (IKE_HEADER) - CheckSumSize;\r
  \r
    CheckSumData = AllocateZeroPool (CheckSumSize);\r
    Fragments[0].DataSize = EncryptPayloadSize + sizeof (IKE_HEADER) - CheckSumSize;\r
  \r
    CheckSumData = AllocateZeroPool (CheckSumSize);\r
+  if (CheckSumData == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto ON_EXIT;\r
+  }\r
    if (SessionCommon->IsInitiator) {\r
  \r
      IpSecCryptoIoHmac (\r
    if (SessionCommon->IsInitiator) {\r
  \r
      IpSecCryptoIoHmac (\r
diff --git a/NetworkPkg/IpSecDxe/Ikev2/Sa.c b/NetworkPkg/IpSecDxe/Ikev2/Sa.c

index e32d2567ea6ec6780f96598cfd541eeeab7c2ef3..ae13e4d1b42616f9281ce57c40afdad9e0d39442 100644 (file)
--- a/NetworkPkg/IpSecDxe/Ikev2/Sa.c
+++ b/NetworkPkg/IpSecDxe/Ikev2/Sa.c
@@ -1496,6 +1496,7 @@ Ikev2GenerateSaKeys (
    Digest    = NULL;\r
    OutputKey = NULL;\r
    KeyBuffer = NULL;\r
    Digest    = NULL;\r
    OutputKey = NULL;\r
    KeyBuffer = NULL;\r
+  Status = EFI_SUCCESS;\r
  \r
    //\r
    // Generate Gxy\r
  \r
    //\r
    // Generate Gxy\r
@@ -1581,6 +1582,10 @@ Ikev2GenerateSaKeys (
                      2 * AuthAlgKeyLen +\r
                      2 * IntegrityAlgKeyLen;\r
    OutputKey       = AllocateZeroPool (OutputKeyLength);\r
                      2 * AuthAlgKeyLen +\r
                      2 * IntegrityAlgKeyLen;\r
    OutputKey       = AllocateZeroPool (OutputKeyLength);\r
+  if (OutputKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
  \r
    //\r
    // Generate Seven Keymates.\r
  \r
    //\r
    // Generate Seven Keymates.\r
@@ -1603,6 +1608,10 @@ Ikev2GenerateSaKeys (
    // First, SK_d\r
    //\r
    IkeSaSession->IkeKeys->SkdKey     = AllocateZeroPool (PrfAlgKeyLen);\r
    // First, SK_d\r
    //\r
    IkeSaSession->IkeKeys->SkdKey     = AllocateZeroPool (PrfAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkdKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkdKeySize = PrfAlgKeyLen;\r
    CopyMem (IkeSaSession->IkeKeys->SkdKey, OutputKey, PrfAlgKeyLen);\r
  \r
    IkeSaSession->IkeKeys->SkdKeySize = PrfAlgKeyLen;\r
    CopyMem (IkeSaSession->IkeKeys->SkdKey, OutputKey, PrfAlgKeyLen);\r
  \r
@@ -1612,6 +1621,10 @@ Ikev2GenerateSaKeys (
    // Second, Sk_ai\r
    //\r
    IkeSaSession->IkeKeys->SkAiKey     = AllocateZeroPool (IntegrityAlgKeyLen);\r
    // Second, Sk_ai\r
    //\r
    IkeSaSession->IkeKeys->SkAiKey     = AllocateZeroPool (IntegrityAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkAiKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkAiKeySize = IntegrityAlgKeyLen;\r
    CopyMem (IkeSaSession->IkeKeys->SkAiKey, OutputKey + PrfAlgKeyLen, IntegrityAlgKeyLen);\r
    \r
    IkeSaSession->IkeKeys->SkAiKeySize = IntegrityAlgKeyLen;\r
    CopyMem (IkeSaSession->IkeKeys->SkAiKey, OutputKey + PrfAlgKeyLen, IntegrityAlgKeyLen);\r
    \r
@@ -1621,6 +1634,10 @@ Ikev2GenerateSaKeys (
    // Third, Sk_ar\r
    //\r
    IkeSaSession->IkeKeys->SkArKey     = AllocateZeroPool (IntegrityAlgKeyLen);\r
    // Third, Sk_ar\r
    //\r
    IkeSaSession->IkeKeys->SkArKey     = AllocateZeroPool (IntegrityAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkArKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkArKeySize = IntegrityAlgKeyLen;\r
    CopyMem (\r
      IkeSaSession->IkeKeys->SkArKey,\r
    IkeSaSession->IkeKeys->SkArKeySize = IntegrityAlgKeyLen;\r
    CopyMem (\r
      IkeSaSession->IkeKeys->SkArKey,\r
@@ -1634,6 +1651,10 @@ Ikev2GenerateSaKeys (
    // Fourth, Sk_ei\r
    //\r
    IkeSaSession->IkeKeys->SkEiKey     = AllocateZeroPool (EncryptAlgKeyLen);\r
    // Fourth, Sk_ei\r
    //\r
    IkeSaSession->IkeKeys->SkEiKey     = AllocateZeroPool (EncryptAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkEiKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkEiKeySize = EncryptAlgKeyLen;\r
    \r
    CopyMem (\r
    IkeSaSession->IkeKeys->SkEiKeySize = EncryptAlgKeyLen;\r
    \r
    CopyMem (\r
@@ -1651,6 +1672,10 @@ Ikev2GenerateSaKeys (
    // Fifth, Sk_er\r
    //\r
    IkeSaSession->IkeKeys->SkErKey     = AllocateZeroPool (EncryptAlgKeyLen);\r
    // Fifth, Sk_er\r
    //\r
    IkeSaSession->IkeKeys->SkErKey     = AllocateZeroPool (EncryptAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkErKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkErKeySize = EncryptAlgKeyLen;\r
  \r
    CopyMem (\r
    IkeSaSession->IkeKeys->SkErKeySize = EncryptAlgKeyLen;\r
  \r
    CopyMem (\r
@@ -1668,6 +1693,10 @@ Ikev2GenerateSaKeys (
    // Sixth, Sk_pi\r
    //\r
    IkeSaSession->IkeKeys->SkPiKey     = AllocateZeroPool (AuthAlgKeyLen);\r
    // Sixth, Sk_pi\r
    //\r
    IkeSaSession->IkeKeys->SkPiKey     = AllocateZeroPool (AuthAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkPiKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkPiKeySize = AuthAlgKeyLen;\r
  \r
    CopyMem (\r
    IkeSaSession->IkeKeys->SkPiKeySize = AuthAlgKeyLen;\r
  \r
    CopyMem (\r
@@ -1685,6 +1714,10 @@ Ikev2GenerateSaKeys (
    // Seventh, Sk_pr\r
    //\r
    IkeSaSession->IkeKeys->SkPrKey     = AllocateZeroPool (AuthAlgKeyLen);\r
    // Seventh, Sk_pr\r
    //\r
    IkeSaSession->IkeKeys->SkPrKey     = AllocateZeroPool (AuthAlgKeyLen);\r
+  if (IkeSaSession->IkeKeys->SkPrKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
    IkeSaSession->IkeKeys->SkPrKeySize = AuthAlgKeyLen;\r
  \r
    CopyMem (\r
    IkeSaSession->IkeKeys->SkPrKeySize = AuthAlgKeyLen;\r
  \r
    CopyMem (\r
@@ -1709,6 +1742,31 @@ Exit:
    if (OutputKey != NULL) {\r
      FreePool (OutputKey);\r
    }\r
    if (OutputKey != NULL) {\r
      FreePool (OutputKey);\r
    }\r
+\r
+  if (EFI_ERROR(Status)) {\r
+    if (IkeSaSession->IkeKeys->SkdKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkdKey);\r
+    }\r
+    if (IkeSaSession->IkeKeys->SkAiKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkAiKey);\r
+    }\r
+    if (IkeSaSession->IkeKeys->SkArKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkArKey);\r
+    }\r
+    if (IkeSaSession->IkeKeys->SkEiKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkEiKey);\r
+    }\r
+    if (IkeSaSession->IkeKeys->SkErKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkErKey);\r
+    }\r
+    if (IkeSaSession->IkeKeys->SkPiKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkPiKey);\r
+    }\r
+    if (IkeSaSession->IkeKeys->SkPrKey != NULL) {\r
+      FreePool (IkeSaSession->IkeKeys->SkPrKey);\r
+    }\r
+  }\r
+\r
    \r
    return Status;\r
  }\r
    \r
    return Status;\r
  }\r
@@ -1737,6 +1795,9 @@ Ikev2GenerateChildSaKeys (
    UINT8*              OutputKey;\r
    UINTN               OutputKeyLength;\r
  \r
    UINT8*              OutputKey;\r
    UINTN               OutputKeyLength;\r
  \r
+  Status = EFI_SUCCESS;\r
+  OutputKey = NULL;\r
+  \r
    if (KePayload != NULL) {\r
      //\r
      // Generate Gxy \r
    if (KePayload != NULL) {\r
      //\r
      // Generate Gxy \r
@@ -1760,7 +1821,8 @@ Ikev2GenerateChildSaKeys (
    OutputKeyLength    = 2 * EncryptAlgKeyLen + 2 * IntegrityAlgKeyLen;\r
  \r
    if ((EncryptAlgKeyLen == 0) || (IntegrityAlgKeyLen == 0)) {\r
    OutputKeyLength    = 2 * EncryptAlgKeyLen + 2 * IntegrityAlgKeyLen;\r
  \r
    if ((EncryptAlgKeyLen == 0) || (IntegrityAlgKeyLen == 0)) {\r
-    return EFI_UNSUPPORTED;\r
+    Status = EFI_UNSUPPORTED;\r
+    goto Exit;\r
    }\r
  \r
    //\r
    }\r
  \r
    //\r
@@ -1769,6 +1831,10 @@ Ikev2GenerateChildSaKeys (
    // otherwise, KEYMAT = prf+(SK_d, Ni | Nr )\r
    //\r
    OutputKey = AllocateZeroPool (OutputKeyLength);\r
    // otherwise, KEYMAT = prf+(SK_d, Ni | Nr )\r
    //\r
    OutputKey = AllocateZeroPool (OutputKeyLength);\r
+  if (OutputKey == NULL) {\r
+    Status = EFI_OUT_OF_RESOURCES;\r
+    goto Exit;\r
+  }\r
  \r
    //\r
    // Derive Key from the SkdKey Buffer.\r
  \r
    //\r
    // Derive Key from the SkdKey Buffer.\r
@@ -1784,8 +1850,7 @@ Ikev2GenerateChildSaKeys (
               );\r
  \r
    if (EFI_ERROR (Status)) {\r
               );\r
  \r
    if (EFI_ERROR (Status)) {\r
-    FreePool (OutputKey);\r
-    return Status;\r
+    goto Exit;  \r
    }\r
    \r
    //\r
    }\r
    \r
    //\r
@@ -1800,6 +1865,10 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
+    if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }\r
  \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,\r
  \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,\r
@@ -1813,7 +1882,11 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
-\r
+    if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }    \r
+    \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,\r
        OutputKey + EncryptAlgKeyLen,\r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,\r
        OutputKey + EncryptAlgKeyLen,\r
@@ -1826,7 +1899,11 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
-\r
+    if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }   \r
+    \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,\r
        OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,\r
        OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
@@ -1839,6 +1916,10 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
+    if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }   \r
      \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,\r
      \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,\r
@@ -1852,7 +1933,11 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
-\r
+    if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }   \r
+    \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,\r
        OutputKey,\r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,\r
        OutputKey,\r
@@ -1865,7 +1950,11 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
-\r
+    if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }   \r
+    \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,\r
        OutputKey + EncryptAlgKeyLen,\r
      CopyMem (\r
        ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,\r
        OutputKey + EncryptAlgKeyLen,\r
@@ -1878,7 +1967,11 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId    = (UINT8)SaParams->EncAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey       = AllocateZeroPool (EncryptAlgKeyLen);\r
-\r
+    if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }  \r
+    \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,\r
        OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,\r
        OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
@@ -1891,7 +1984,11 @@ Ikev2GenerateChildSaKeys (
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId    = (UINT8)SaParams->IntegAlgId;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;\r
      ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey       = AllocateZeroPool (IntegrityAlgKeyLen);\r
-\r
+    if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) {\r
+      Status = EFI_OUT_OF_RESOURCES;\r
+      goto Exit;\r
+    }   \r
+    \r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,\r
        OutputKey + 2 * EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
      CopyMem (\r
        ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,\r
        OutputKey + 2 * EncryptAlgKeyLen + IntegrityAlgKeyLen,\r
@@ -1920,7 +2017,27 @@ Ikev2GenerateChildSaKeys (
      IntegrityAlgKeyLen\r
      );\r
  \r
      IntegrityAlgKeyLen\r
      );\r
  \r
-  FreePool (OutputKey);\r
+\r
+\r
+Exit:\r
+  if (EFI_ERROR (Status)) {\r
+    if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey != NULL) {\r
+      FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey);\r
+    }\r
+    if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey != NULL) {\r
+      FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey);\r
+    }\r
+    if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey != NULL) {\r
+      FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey);\r
+    }\r
+    if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey != NULL) {\r
+      FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey);\r
+    }\r
+  }\r
+\r
+  if (OutputKey != NULL) {\r
+    FreePool (OutputKey);\r
+  }\r
    \r
    return EFI_SUCCESS;\r
  }\r
    \r
    return EFI_SUCCESS;\r
  }\r
diff --git a/NetworkPkg/IpSecDxe/Ikev2/Utility.c b/NetworkPkg/IpSecDxe/Ikev2/Utility.c

index 4c461b3742fb39086c44bc600df8b959d4cb5a76..80720ffb0341b004acf7d2e6db97e71abd62eb16 100644 (file)
--- a/NetworkPkg/IpSecDxe/Ikev2/Utility.c
+++ b/NetworkPkg/IpSecDxe/Ikev2/Utility.c
@@ -1,7 +1,7 @@
  /** @file\r
    The Common operations used by IKE Exchange Process.\r
  \r
  /** @file\r
    The Common operations used by IKE Exchange Process.\r
  \r
-  Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>\r
  \r
    This program and the accompanying materials\r
    are licensed and made available under the terms and conditions of the BSD License\r
  \r
    This program and the accompanying materials\r
    are licensed and made available under the terms and conditions of the BSD License\r
@@ -947,6 +947,7 @@ Ikev2ChildSaSilentDelete (
        //\r
        IsRemoteFound   = TRUE;\r
        RemoteSelector  = AllocateZeroPool (SelectorSize);\r
        //\r
        IsRemoteFound   = TRUE;\r
        RemoteSelector  = AllocateZeroPool (SelectorSize);\r
+      ASSERT (RemoteSelector != NULL);\r
        CopyMem (RemoteSelector, Selector, SelectorSize);\r
      }\r
  \r
        CopyMem (RemoteSelector, Selector, SelectorSize);\r
      }\r
  \r
@@ -957,6 +958,7 @@ Ikev2ChildSaSilentDelete (
        //\r
        IsLocalFound  = TRUE;\r
        LocalSelector = AllocateZeroPool (SelectorSize);\r
        //\r
        IsLocalFound  = TRUE;\r
        LocalSelector = AllocateZeroPool (SelectorSize);\r
+      ASSERT (LocalSelector != NULL);\r
        CopyMem (LocalSelector, Selector, SelectorSize);\r
      }\r
    }\r
        CopyMem (LocalSelector, Selector, SelectorSize);\r
      }\r
    }\r
diff --git a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c

index 87f85e7ca675d8b9ec33b8f0f48b853e8ef701a9..6eabfe45dee804f98511a7bb4985c5d9025945dc 100644 (file)
--- a/NetworkPkg/IpSecDxe/IpSecConfigImpl.c
+++ b/NetworkPkg/IpSecDxe/IpSecConfigImpl.c
@@ -1,7 +1,7 @@
  /** @file\r
    The implementation of IPSEC_CONFIG_PROTOCOL.\r
  \r
  /** @file\r
    The implementation of IPSEC_CONFIG_PROTOCOL.\r
  \r
-  Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
  \r
    This program and the accompanying materials\r
    are licensed and made available under the terms and conditions of the BSD License\r
  \r
    This program and the accompanying materials\r
    are licensed and made available under the terms and conditions of the BSD License\r
@@ -2196,6 +2196,10 @@ IpSecGetVariable (
                          VariableNameISizeNew,\r
                          VariableNameI\r
                          );\r
                          VariableNameISizeNew,\r
                          VariableNameI\r
                          );\r
+      if (VariableNameI == NULL) {\r
+        Status = EFI_OUT_OF_RESOURCES;\r
+        break;\r
+      }\r
        VariableNameISize = VariableNameISizeNew;\r
  \r
        Status = gRT->GetNextVariableName (\r
        VariableNameISize = VariableNameISizeNew;\r
  \r
        Status = gRT->GetNextVariableName (\r
@@ -2272,7 +2276,9 @@ IpSecGetVariable (
    }\r
  \r
  ON_EXIT:\r
    }\r
  \r
  ON_EXIT:\r
-  FreePool (VariableNameI);\r
+  if (VariableNameI != NULL) {\r
+    FreePool (VariableNameI);\r
+  }\r
    return Status;\r
  }\r
  \r
    return Status;\r
  }\r
  \r
@@ -2700,7 +2706,7 @@ IpSecCopyPolicyEntry (
      Buffer->Capacity += EntrySize;\r
      TempPoint         = AllocatePool (Buffer->Capacity);\r
      \r
      Buffer->Capacity += EntrySize;\r
      TempPoint         = AllocatePool (Buffer->Capacity);\r
      \r
-    if (Buffer->Ptr == NULL) {\r
+    if (TempPoint == NULL) {\r
        return EFI_OUT_OF_RESOURCES;\r
      }\r
      //\r
        return EFI_OUT_OF_RESOURCES;\r
      }\r
      //\r
diff --git a/NetworkPkg/IpSecDxe/IpSecImpl.c b/NetworkPkg/IpSecDxe/IpSecImpl.c

index 47372578097a4836b1f8a96d958a48047b33d53b..50cd4d8540490fe6e603085769c10291d8d5000e 100644 (file)
--- a/NetworkPkg/IpSecDxe/IpSecImpl.c
+++ b/NetworkPkg/IpSecDxe/IpSecImpl.c
@@ -1237,6 +1237,7 @@ IpSecTunnelOutboundPacket (
        );\r
    } else {\r
      InnerHead = AllocateZeroPool (sizeof (EFI_IP6_HEADER) + *OptionsLength);\r
        );\r
    } else {\r
      InnerHead = AllocateZeroPool (sizeof (EFI_IP6_HEADER) + *OptionsLength);\r
+    ASSERT (InnerHead != NULL);\r
      CopyMem (\r
        InnerHead,\r
        IpHead,\r
      CopyMem (\r
        InnerHead,\r
        IpHead,\r
diff --git a/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c b/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c

index a4820c9970e6db7f8c95db0d3700a1b0c9f2a424..116c78f38b0316ecce2368d1ebd3ae6ed4321658 100644 (file)
--- a/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
+++ b/ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c
@@ -765,6 +765,9 @@ StrnCatGrowLeft (
    } else {\r
      *Destination = AllocateZeroPool(Count+sizeof(CHAR16));\r
    }\r
    } else {\r
      *Destination = AllocateZeroPool(Count+sizeof(CHAR16));\r
    }\r
+  if (*Destination == NULL) {\r
+    return NULL;\r
+  }\r
  \r
    CopySize = StrSize(*Destination);\r
    CopyMem((*Destination)+((Count-2)/sizeof(CHAR16)), *Destination, CopySize);\r
  \r
    CopySize = StrSize(*Destination);\r
    CopyMem((*Destination)+((Count-2)/sizeof(CHAR16)), *Destination, CopySize);\r
diff --git a/ShellPkg/Library/UefiShellLib/UefiShellLib.c b/ShellPkg/Library/UefiShellLib/UefiShellLib.c

index 598a2b479a81f29c77ade7464c9727038e065ffc..06e2386378296df769c07a29ea9234ec752e7728 100644 (file)
--- a/ShellPkg/Library/UefiShellLib/UefiShellLib.c
+++ b/ShellPkg/Library/UefiShellLib/UefiShellLib.c
@@ -1933,6 +1933,9 @@ InternalCommandLineParse (
    // initialize the linked list\r
    //\r
    *CheckPackage = (LIST_ENTRY*)AllocateZeroPool(sizeof(LIST_ENTRY));\r
    // initialize the linked list\r
    //\r
    *CheckPackage = (LIST_ENTRY*)AllocateZeroPool(sizeof(LIST_ENTRY));\r
+  if (*CheckPackage == NULL) {\r
+    return EFI_OUT_OF_RESOURCES;\r
+  }\r
    InitializeListHead(*CheckPackage);\r
  \r
    //\r
    InitializeListHead(*CheckPackage);\r
  \r
    //\r
author	sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>
	Sat, 8 Oct 2011 02:55:30 +0000 (02:55 +0000)
committer	sfu5 <sfu5@6f19259b-4bc3-4df7-8a09-765794883524>
	Sat, 8 Oct 2011 02:55:30 +0000 (02:55 +0000)
MdeModulePkg/Library/UefiHiiLib/HiiLib.c		patch \| blob \| blame \| history
NetworkPkg/Ip6Dxe/Ip6Nd.c		patch \| blob \| blame \| history
NetworkPkg/IpSecDxe/Ikev2/Payload.c		patch \| blob \| blame \| history
NetworkPkg/IpSecDxe/Ikev2/Sa.c		patch \| blob \| blame \| history
NetworkPkg/IpSecDxe/Ikev2/Utility.c		patch \| blob \| blame \| history
NetworkPkg/IpSecDxe/IpSecConfigImpl.c		patch \| blob \| blame \| history
NetworkPkg/IpSecDxe/IpSecImpl.c		patch \| blob \| blame \| history
ShellPkg/Library/UefiFileHandleLib/UefiFileHandleLib.c		patch \| blob \| blame \| history
ShellPkg/Library/UefiShellLib/UefiShellLib.c		patch \| blob \| blame \| history