summaryrefslogtreecommitdiff
path: root/MdeModulePkg/Universal
diff options
context:
space:
mode:
authorQiu Shumin <shumin.qiu@intel.com>2015-12-15 08:40:55 +0000
committershenshushi <shenshushi@Edk2>2015-12-15 08:40:55 +0000
commitb0c2b79738fc50ccf52c44afcddaee52e9108c4f (patch)
treeb26b294221007baf96472d633522f19ff74218c9 /MdeModulePkg/Universal
parent00d1c2a35e2a85549b0b9caff604f12cbc057968 (diff)
downloadedk2-b0c2b79738fc50ccf52c44afcddaee52e9108c4f.zip
edk2-b0c2b79738fc50ccf52c44afcddaee52e9108c4f.tar.gz
edk2-b0c2b79738fc50ccf52c44afcddaee52e9108c4f.tar.bz2
MdeModulePkg: Add NULL pointer check for RegularExpressionDxe.
Refine code by adding NULL pointer check to avoid potential NULL pointer dereferenced. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19271 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg/Universal')
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/enc/unicode.c2
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regcomp.c14
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c4
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regexec.c8
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regparse.c15
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/st.c7
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.c4
7 files changed, 50 insertions, 4 deletions
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/enc/unicode.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/enc/unicode.c
index a906670..6747b3d 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/enc/unicode.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/enc/unicode.c
@@ -11239,7 +11239,7 @@ onigenc_unicode_get_case_fold_codes_by_str(OnigEncoding enc,
}
else if ((flag & INTERNAL_ONIGENC_CASE_FOLD_MULTI_CHAR) != 0) {
OnigCodePoint cs[3][4];
- int fn, ncs[3];
+ int fn, ncs[3]={0, 0, 0};
for (fn = 0; fn < to->n; fn++) {
cs[fn][0] = to->code[fn];
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regcomp.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regcomp.c
index 25b768b..891dd3a 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regcomp.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regcomp.c
@@ -1248,6 +1248,9 @@ compile_length_enclose_node(EncloseNode* node, regex_t* reg)
case ENCLOSE_STOP_BACKTRACK:
if (IS_ENCLOSE_STOP_BT_SIMPLE_REPEAT(node)) {
+ if (node->target == NULL) {
+ CHECK_NULL_RETURN_MEMERR(node->target);
+ }
QtfrNode* qn = NQTFR(node->target);
tlen = compile_length_tree(qn->target, reg);
if (tlen < 0) return tlen;
@@ -3263,6 +3266,7 @@ expand_case_fold_string_alt(int item_num, OnigCaseFoldCodeItem items[],
int r, i, j, len, varlen;
Node *anode, *var_anode, *snode, *xnode, *an;
UChar buf[ONIGENC_CODE_TO_MBC_MAXLEN];
+ xnode = NULL_NODE;
*rnode = var_anode = NULL_NODE;
@@ -3317,7 +3321,7 @@ expand_case_fold_string_alt(int item_num, OnigCaseFoldCodeItem items[],
}
if (items[i].byte_len != slen) {
- Node *rem;
+ Node *rem = NULL_NODE;
UChar *q = p + items[i].byte_len;
if (q < end) {
@@ -3346,6 +3350,12 @@ expand_case_fold_string_alt(int item_num, OnigCaseFoldCodeItem items[],
NCAR(an) = snode;
}
+ if (var_anode == NULL) {
+ onig_node_free(an);
+ onig_node_free(xnode);
+ onig_node_free(rem);
+ goto mem_err2;
+ }
NCDR(var_anode) = an;
var_anode = an;
}
@@ -5304,7 +5314,7 @@ onig_compile(regex_t* reg, const UChar* pattern, const UChar* pattern_end,
#endif
r = onig_parse_make_tree(&root, pattern, pattern_end, reg, &scan_env);
- if (r != 0) goto err;
+ if (r != 0 || root == NULL) goto err;
#ifdef USE_NAMED_GROUP
/* mixed use named group and no-named group */
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c
index 086a747..c3ec362 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c
@@ -308,6 +308,10 @@ onig_error_code_to_str(s, code, va_alist)
default:
q = onig_error_code_to_format(code);
+ if (q == NULL) {
+ len = 0;
+ break;
+ }
len = onigenc_str_bytelen_null(ONIG_ENCODING_ASCII, q);
xmemcpy(s, q, len);
s[len] = '\0';
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regexec.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regexec.c
index 160c995..a175f3a 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regexec.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regexec.c
@@ -243,7 +243,9 @@ onig_region_new(void)
OnigRegion* r;
r = (OnigRegion* )xmalloc(sizeof(OnigRegion));
- onig_region_init(r);
+ if (r != NULL) {
+ onig_region_init(r);
+ }
return r;
}
@@ -284,6 +286,10 @@ onig_region_copy(OnigRegion* to, OnigRegion* from)
to->allocated = from->num_regs;
}
+ if (to->beg == NULL || to->end == NULL) {
+ return;
+ }
+
for (i = 0; i < from->num_regs; i++) {
to->beg[i] = from->beg[i];
to->end[i] = from->end[i];
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regparse.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regparse.c
index 4be2f22..b0fee98 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regparse.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regparse.c
@@ -380,6 +380,7 @@ onig_st_insert_strend(hash_table_type* table, const UChar* str_key,
int result;
key = (st_str_end_key* )xmalloc(sizeof(st_str_end_key));
+ CHECK_NULL_RETURN_MEMERR(key);
key->s = (UChar* )str_key;
key->end = (UChar* )end_key;
result = onig_st_insert(table, (st_data_t )(UINTN)key, value);
@@ -732,6 +733,7 @@ name_add(regex_t* reg, UChar* name, UChar* name_end, int backref, ScanEnv* env)
#ifdef USE_ST_LIBRARY
if (IS_NULL(t)) {
t = onig_st_init_strend_table_with_size(5);
+ CHECK_NULL_RETURN_MEMERR(t);
reg->name_table = (void* )t;
}
e = (NameEntry* )xmalloc(sizeof(NameEntry));
@@ -964,6 +966,8 @@ scan_env_add_mem_entry(ScanEnv* env)
if (IS_NULL(env->mem_nodes_dynamic)) {
alloc = INIT_SCANENV_MEMNODES_ALLOC_SIZE;
p = (Node** )xmalloc(sizeof(Node*) * alloc);
+ CHECK_NULL_RETURN_MEMERR(p);
+
xmemcpy(p, env->mem_nodes_static,
sizeof(Node*) * SCANENV_MEMNODES_SIZE);
}
@@ -1522,6 +1526,7 @@ static Node*
node_new_str_raw(UChar* s, UChar* end)
{
Node* node = node_new_str(s, end);
+ CHECK_NULL_RETURN(node);
NSTRING_SET_RAW(node);
return node;
}
@@ -1551,6 +1556,7 @@ str_node_split_last_char(StrNode* sn, OnigEncoding enc)
p = onigenc_get_prev_char_head(enc, sn->s, sn->end);
if (p && p > sn->s) { /* can be splitted. */
n = node_new_str(p, sn->end);
+ CHECK_NULL_RETURN(n);
if ((sn->flag & NSTR_RAW) != 0)
NSTRING_SET_RAW(n);
sn->end = (UChar* )p;
@@ -4785,6 +4791,9 @@ set_quantifier(Node* qnode, Node* target, int group, ScanEnv* env)
QtfrNode* qnt = NQTFR(target);
int nestq_num = popular_quantifier_num(qn);
int targetq_num = popular_quantifier_num(qnt);
+ if (nestq_num < 0 || targetq_num < 0) {
+ return ONIGERR_TYPE_BUG;
+ }
#ifdef USE_WARNING_REDUNDANT_NESTED_REPEAT_OPERATOR
if (!IS_QUANTIFIER_BY_NUMBER(qn) && !IS_QUANTIFIER_BY_NUMBER(qnt) &&
@@ -5234,6 +5243,7 @@ parse_exp(Node** np, OnigToken* tok, int term,
cc = NCCLASS(*np);
NCCLASS_SET_SHARE(cc);
new_key = (type_cclass_key* )xmalloc(sizeof(type_cclass_key));
+ CHECK_NULL_RETURN_MEMERR(new_key);
xmemcpy(new_key, &key, sizeof(type_cclass_key));
onig_st_add_direct(OnigTypeCClassTable, (st_data_t )(UINTN)new_key,
(st_data_t )(UINTN)*np);
@@ -5345,6 +5355,7 @@ parse_exp(Node** np, OnigToken* tok, int term,
case TK_ANCHOR:
*np = onig_node_new_anchor(tok->u.anchor);
+ CHECK_NULL_RETURN_MEMERR(*np);
break;
case TK_OP_REPEAT:
@@ -5354,6 +5365,7 @@ parse_exp(Node** np, OnigToken* tok, int term,
return ONIGERR_TARGET_OF_REPEAT_OPERATOR_NOT_SPECIFIED;
else
*np = node_new_empty();
+ CHECK_NULL_RETURN_MEMERR(*np);
}
else {
goto tk_byte;
@@ -5442,9 +5454,11 @@ parse_branch(Node** top, OnigToken* tok, int term,
}
else {
*top = node_new_list(node, NULL);
+ CHECK_NULL_RETURN_MEMERR(*top);
headp = &(NCDR(*top));
while (r != TK_EOT && r != term && r != TK_ALT) {
r = parse_exp(&node, tok, term, src, end, env);
+ CHECK_NULL_RETURN_MEMERR(node);
if (r < 0) return r;
if (NTYPE(node) == NT_LIST) {
@@ -5482,6 +5496,7 @@ parse_subexp(Node** top, OnigToken* tok, int term,
}
else if (r == TK_ALT) {
*top = onig_node_new_alt(node, NULL);
+ CHECK_NULL_RETURN_MEMERR(*top);
headp = &(NCDR(*top));
while (r == TK_ALT) {
r = fetch_token(tok, src, end, env);
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/st.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/st.c
index 1527fcc..8dcfdc3 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/st.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/st.c
@@ -156,6 +156,7 @@ st_init_table_with_size(type, size)
size = new_size(size); /* round up to prime number */
tbl = alloc(st_table);
+ CHECK_NULL_RETURN(tbl);
tbl->type = type;
tbl->num_entries = 0;
tbl->num_bins = size;
@@ -267,6 +268,9 @@ do {\
}\
\
entry = alloc(st_table_entry);\
+ if (entry == NULL) {\
+ break;\
+ }\
\
entry->hash = hash_val;\
entry->key = key;\
@@ -321,6 +325,9 @@ rehash(table)
new_num_bins = new_size(old_num_bins+1);
new_bins = (st_table_entry**)Calloc(new_num_bins, sizeof(st_table_entry*));
+ if (new_bins == NULL) {
+ return;
+ }
for(i = 0; i < old_num_bins; i++) {
ptr = table->bins[i];
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.c b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.c
index a3eebf7..cffbcb8 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/RegularExpressionDxe.c
@@ -130,6 +130,10 @@ OnigurumaMatch (
//
Start = (OnigUChar*)String;
Region = onig_region_new ();
+ if (Region == NULL) {
+ onig_free (OnigRegex);
+ return EFI_OUT_OF_RESOURCES;
+ }
OnigResult = onig_search (
OnigRegex,
Start,
generated by cgit v1.1 at 2024-07-16 22:29:56 +0000