MdeModulePkg/DxeCapsuleLibFmp: Add missing NULL pointer check.

Add missing NULL pointer check for CapsuleNameBufStart.
Also add comments to notice that capsule name integrity check assumes
the capsule has been validated by IsValidCapsuleHeader().

Cc: Jian J Wang <jian.j.wang@intel.com>
Cc: Hao A Wu <hao.a.wu@intel.com>
Cc: Chao B Zhang <chao.b.zhang@intel.com>
Signed-off-by: Wei6 Xu <wei6.xu@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
Reviewed-by: Chao B Zhang <chao.b.zhang@intel.com>

1 files changed, 6 insertions, 0 deletions

diff --git a/MdeModulePkg/Library/DxeCapsuleLibFmp/CapsuleOnDisk.c b/MdeModulePkg/Library/DxeCapsuleLibFmp/CapsuleOnDisk.c
index 66c9be8e1f..3193ca8f4d 100644
--- a/MdeModulePkg/Library/DxeCapsuleLibFmp/CapsuleOnDisk.c
+++ b/MdeModulePkg/Library/DxeCapsuleLibFmp/CapsuleOnDisk.c
@@ -25,6 +25,9 @@ IsCapsuleNameCapsule (
   Check the integrity of the capsule name capsule.

   If the capsule is vaild, return the physical address of each capsule name string.

 

+  This routine assumes the capsule has been validated by IsValidCapsuleHeader(), so

+  capsule memory overflow is not going to happen in this routine.

+

   @param[in]  CapsuleHeader   Pointer to the capsule header of a capsule name capsule.

   @param[out] CapsuleNameNum  Number of capsule name.

 

@@ -65,6 +68,9 @@ ValidateCapsuleNameCapsuleIntegrity (
   //

   if (((UINTN) CapsuleNameBufStart & BIT0) != 0) {

     CapsuleNameBufStart = AllocateCopyPool (CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize, CapsuleNameBufStart);

+    if (CapsuleNameBufStart == NULL) {

+      return NULL;

+    }

   }

 

   CapsuleNameBufEnd = CapsuleNameBufStart + CapsuleHeader->CapsuleImageSize - CapsuleHeader->HeaderSize;