OrgACRN
/
acrn-hypervisor
mirror of https://github.com/projectacrn/acrn-hypervisor.git
1
0
Fork 0
Code Issues Releases Wiki Activity

efi-stub: fix stack memory free issue 

Because of this commit:

    commit 63e258bd01
    Author: Tianhua Sun <tianhuax.s.sun@intel.com>
    Date:   Wed Jul 17 14:33:47 2019 +0800

	efi-stub: update string operation in efi-stub

	Remove unsafe API in efi-stub
	1, use Strnlen instead of StrLen except the parameter
	   is a static string.
	2, strlen() only work on static strings.

	Tracked-On: #3276
	Signed-off-by: Tianhua Sun <tianhuax.s.sun@intel.com>
	Reviewed-by: Yonghua Huang <yonghua.huang@intel.com>

In the default case, bootloader_name will be point to a separate ro
section which hold the constant string, free this memory later will
cause undefined behavior (memory corruption, exception and so on).

Tracked-On: #3644
Signed-off-by: Tw <wei.tan@intel.com>
Reviewed-by: Jack Ren <jack.ren@intel.com>
This commit is contained in:
Tw 2019-09-02 13:44:08 +08:00 committed by ACRN System Integration
parent cd1ae7a89e
commit 1547a4cb27
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
misc/efi-stub/boot.c
View File

@ -420,7 +420,7 @@ efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *_table)
err = get_pe_section(info->ImageBase, section, strlen(section), &sec_addr, &sec_size); err = get_pe_section(info->ImageBase, section, strlen(section), &sec_addr, &sec_size);
if (EFI_ERROR(err)) { if (EFI_ERROR(err)) {
Print(L"Unable to locate section of ACRNHV %r ", err); Print(L"Unable to locate section of ACRNHV %r ", err);
goto failed; goto free_args;
} }
/* without relocateion enabled, hypervisor binary need to reside in /* without relocateion enabled, hypervisor binary need to reside in
@ -436,14 +436,14 @@ efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *_table)
err = emalloc_fixed_addr(&hv_hpa, CONFIG_HV_RAM_SIZE, CONFIG_HV_RAM_START); err = emalloc_fixed_addr(&hv_hpa, CONFIG_HV_RAM_SIZE, CONFIG_HV_RAM_START);
#endif #endif
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
goto failed; goto free_args;
memcpy((char *)hv_hpa, info->ImageBase + sec_addr, sec_size); memcpy((char *)hv_hpa, info->ImageBase + sec_addr, sec_size);
/* load hypervisor and begin to run on it */ /* load hypervisor and begin to run on it */
err = switch_to_guest_mode(image, hv_hpa); err = switch_to_guest_mode(image, hv_hpa);
if (err != EFI_SUCCESS) if (err != EFI_SUCCESS)
goto failed; goto free_args;
/* /*
* enable all AP here will reset all APs, * enable all AP here will reset all APs,
@ -456,7 +456,7 @@ efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *_table)
if (!path) if (!path)
goto free_args; goto free_args;
FreePool(bootloader_name); FreePool(cmdline16);
err = uefi_call_wrapper(boot->LoadImage, 6, FALSE, image, err = uefi_call_wrapper(boot->LoadImage, 6, FALSE, image,
path, NULL, 0, &bootloader_image); path, NULL, 0, &bootloader_image);
@ -476,7 +476,7 @@ efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *_table)
return EFI_SUCCESS; return EFI_SUCCESS;
free_args: free_args:
FreePool(bootloader_name); FreePool(cmdline16);
failed: failed:
/* /*
* We need to be careful not to trash 'err' here. If we fail * We need to be careful not to trash 'err' here. If we fail