[S] Change in coreboot[main]: commonlib/fsp_relocate: Fix potential NULL pointer dereference - coreboot-gerrit

2 Nov 2023

Matt DeVillier has submitted this change. ( https://review.coreboot.org/c/coreboot/+/78501?usp=email )
Change subject: commonlib/fsp_relocate: Fix potential NULL pointer dereference
......................................................................
commonlib/fsp_relocate: Fix potential NULL pointer dereference
Commit 1df1cf994aa9 ("commonlib/fsp_relocate: add PE32 section
support") introduced a potential NULL pointer dereference if there is
PE32 binary to relocate outside of the first firmware volume.
The `fih_offset' pointer was used as an output variable but now it is
also used as an input variable to pass the FSP information header to
the `pe_relocate()' function.
This commit resolves this potential NULL-pointer dereference by
passing the pointer systematically and without affecting the logic as
it is only set if it has not been set before.
Change-Id: I9fad90a60854d5f050aa044a5c0b3af91c99df4a
Signed-off-by: Jeremy Compostella jeremy.compostella@intel.com
Reviewed-on: https://review.coreboot.org/c/coreboot/+/78501
Reviewed-by: Bora Guvendik bora.guvendik@intel.com
Reviewed-by: Eric Lai ericllai@google.com
Tested-by: build bot (Jenkins) no-reply@coreboot.org
---
M src/commonlib/fsp_relocate.c
1 file changed, 3 insertions(+), 9 deletions(-)
Approvals:
  Bora Guvendik: Looks good to me, approved
  Eric Lai: Looks good to me, but someone else must approve
  build bot (Jenkins): Verified

diff --git a/src/commonlib/fsp_relocate.c b/src/commonlib/fsp_relocate.c
index 379930b..96d31b3 100644
--- a/src/commonlib/fsp_relocate.c
+++ b/src/commonlib/fsp_relocate.c
@@ -584,7 +584,7 @@
    	printk(FSP_DBG_LVL, "file offset: %zx\n", file_offset);
/* First file and section should be FSP info header. */
-		if (fih_offset != NULL && *fih_offset == 0)
+		if (*fih_offset == 0)
    		*fih_offset = file_offset;
ffsfh = relative_offset(fsp, file_offset);
@@ -671,14 +671,8 @@
    while (offset < size) {
    	ssize_t nparsed;
-		/* Relocate each FV within the FSP region. The FSP_INFO_HEADER
-		 * should only be located in the first FV. */
-		if (offset == 0)
-			nparsed = relocate_fvh(new_addr, fsp, size, offset,
-						&fih_offset);
-		else
-			nparsed = relocate_fvh(new_addr, fsp, size, offset,
-						NULL);
+		/* Relocate each FV within the FSP region. */
+		nparsed = relocate_fvh(new_addr, fsp, size, offset, &fih_offset);
/* FV should be larger than 0 or failed to parse. */
    	if (nparsed <= 0) {
-- 
To view, visit https://review.coreboot.org/c/coreboot/+/78501?usp=email
To unsubscribe, or for help writing mail filters, visit https://review.coreboot.org/settings

Gerrit-Project: coreboot
Gerrit-Branch: main
Gerrit-Change-Id: I9fad90a60854d5f050aa044a5c0b3af91c99df4a
Gerrit-Change-Number: 78501
Gerrit-PatchSet: 6
Gerrit-Owner: Jérémy Compostella jeremy.compostella@intel.com
Gerrit-Reviewer: Arthur Heymans arthur@aheymans.xyz
Gerrit-Reviewer: Bora Guvendik bora.guvendik@intel.com
Gerrit-Reviewer: Ed Sharma aeddiesharma@fb.com
Gerrit-Reviewer: Elyes Haouas ehaouas@noos.fr
Gerrit-Reviewer: Eric Lai ericllai@google.com
Gerrit-Reviewer: Matt DeVillier matt.devillier@amd.corp-partner.google.com
Gerrit-Reviewer: Nathaniel L Desimone nathaniel.l.desimone@intel.com
Gerrit-Reviewer: build bot (Jenkins) no-reply@coreboot.org
Gerrit-MessageType: merged



    