From 11b4463e096523fe03ac840472d483652ae93904 Mon Sep 17 00:00:00 2001 From: Paulo Alcantara Date: Tue, 12 Sep 2017 09:30:23 +0800 Subject: MdeModulePkg/UdfDxe: Fix NULL pointer dereference REF: https://bugzilla.tianocore.org/show_bug.cgi?id=704 For root directory, the FID (File Identifier Descriptor) pointer is accessible through PRIVATE_UDF_FILE_DATA.Root, whereas non-root directory and regular files, their FIDs are accessible through PRIVATE_UDF_FILE_DATA.File. In UdfSetPosition(), the FID was retrieved through PRIVATE_UDF_FILE_DATA.File, hence when calling it with a root directory, PRIVATE_UDF_FILE_DATA.File.FileIdentifierDescriptor would be NULL and then dereferenced. This patch fixes the NULL pointer dereference by calling _FILE() to transparently return the correct UDF_FILE_INFO * which points to a valid FID descriptor of a specific file. Cc: Star Zeng Cc: Eric Dong Cc: Ruiyu Ni Cc: Laszlo Ersek Cc: Steven Shi Contributed-under: TianoCore Contribution Agreement 1.1 Reported-by: Steven Shi Signed-off-by: Paulo Alcantara Reviewed-by: Laszlo Ersek Reviewed-by: Star Zeng --- MdeModulePkg/Universal/Disk/UdfDxe/File.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'MdeModulePkg') diff --git a/MdeModulePkg/Universal/Disk/UdfDxe/File.c b/MdeModulePkg/Universal/Disk/UdfDxe/File.c index e7159ff861..01361141bb 100644 --- a/MdeModulePkg/Universal/Disk/UdfDxe/File.c +++ b/MdeModulePkg/Universal/Disk/UdfDxe/File.c @@ -692,7 +692,8 @@ UdfSetPosition ( PrivFileData = PRIVATE_UDF_FILE_DATA_FROM_THIS (This); - FileIdentifierDesc = PrivFileData->File.FileIdentifierDesc; + FileIdentifierDesc = _FILE (PrivFileData)->FileIdentifierDesc; + ASSERT (FileIdentifierDesc != NULL); if (IS_FID_DIRECTORY_FILE (FileIdentifierDesc)) { // // If the file handle is a directory, the _only_ position that may be set is -- cgit v1.2.3