[PATCH] MdeModulePkg/RegularExpressionDxe: Fix memory assert in FreePool()


Nickle Wang
 

Memory buffer that is allocated by malloc() and realloc() will be
shifted by 8 bytes because Oniguruma keeps its memory signature. This 8
bytes shift is not handled while calling free() to release memory. Add
free() function to check Oniguruma signature before release memory
because memory buffer is not touched when using calloc().

Signed-off-by: Nickle Wang <nickle.wang@hpe.com>
---
.../RegularExpressionDxe/OnigurumaUefiPort.c | 19 ++++++++++++++++++-
.../RegularExpressionDxe/OnigurumaUefiPort.h | 14 ++------------
2 files changed, 20 insertions(+), 13 deletions(-)

diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.=
c b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
index 9aa7b0a68e..5c34324db8 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
@@ -2,7 +2,7 @@
=0D
Module to rewrite stdlib references within Oniguruma=0D
=0D
- (C) Copyright 2014-2015 Hewlett Packard Enterprise Development LP<BR>=0D
+ (C) Copyright 2014-2021 Hewlett Packard Enterprise Development LP<BR>=0D
Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>=0D
=0D
SPDX-License-Identifier: BSD-2-Clause-Patent=0D
@@ -96,3 +96,20 @@ void* memset (void *dest, char ch, unsigned int count)
return SetMem (dest, count, ch);=0D
}=0D
=0D
+void free(void *ptr)=0D
+{=0D
+ VOID *EvalOnce;=0D
+ ONIGMEM_HEAD *PoolHdr;=0D
+=0D
+ EvalOnce =3D ptr;=0D
+ if (EvalOnce =3D=3D NULL) {=0D
+ return;=0D
+ }=0D
+=0D
+ PoolHdr =3D (ONIGMEM_HEAD *)EvalOnce - 1;=0D
+ if (PoolHdr->Signature =3D=3D ONIGMEM_HEAD_SIGNATURE) {=0D
+ FreePool (PoolHdr);=0D
+ } else {=0D
+ FreePool (EvalOnce);=0D
+ }=0D
+}=0D
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.=
h b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
index 20b75c3361..0bdb7be529 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
@@ -2,7 +2,7 @@
=0D
Module to rewrite stdlib references within Oniguruma=0D
=0D
- (C) Copyright 2014-2015 Hewlett Packard Enterprise Development LP<BR>=0D
+ (C) Copyright 2014-2021 Hewlett Packard Enterprise Development LP<BR>=0D
Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>=0D
=0D
SPDX-License-Identifier: BSD-2-Clause-Patent=0D
@@ -46,17 +46,6 @@ typedef INTN intptr_t;
#endif=0D
=0D
#define calloc(n,s) AllocateZeroPool((n)*(s))=0D
-=0D
-#define free(p) \=0D
- do { \=0D
- VOID *EvalOnce; \=0D
- \=0D
- EvalOnce =3D (p); \=0D
- if (EvalOnce !=3D NULL) { \=0D
- FreePool (EvalOnce); \=0D
- } \=0D
- } while (FALSE)=0D
-=0D
#define xmemmove(Dest,Src,Length) CopyMem(Dest,Src,Length)=0D
#define xmemcpy(Dest,Src,Length) CopyMem(Dest,Src,Length)=0D
#define xmemset(Buffer,Value,Length) SetMem(Buffer,Length,Value)=0D
@@ -98,6 +87,7 @@ void* malloc(size_t size);
void* realloc(void *ptr, size_t size);=0D
void* memcpy (void *dest, const void *src, unsigned int count);=0D
void* memset (void *dest, char ch, unsigned int count);=0D
+void free(void *ptr);=0D
=0D
#define exit(n) ASSERT(FALSE);=0D
=0D
--=20
2.31.1.windows.1


Laszlo Ersek
 

On 06/10/21 06:56, Nickle Wang wrote:
Memory buffer that is allocated by malloc() and realloc() will be
shifted by 8 bytes because Oniguruma keeps its memory signature. This 8
bytes shift is not handled while calling free() to release memory. Add
free() function to check Oniguruma signature before release memory
because memory buffer is not touched when using calloc().

Signed-off-by: Nickle Wang <nickle.wang@hpe.com>
---
.../RegularExpressionDxe/OnigurumaUefiPort.c | 19 ++++++++++++++++++-
.../RegularExpressionDxe/OnigurumaUefiPort.h | 14 ++------------
2 files changed, 20 insertions(+), 13 deletions(-)

diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
index 9aa7b0a68e..5c34324db8 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
@@ -2,7 +2,7 @@

Module to rewrite stdlib references within Oniguruma

- (C) Copyright 2014-2015 Hewlett Packard Enterprise Development LP<BR>
+ (C) Copyright 2014-2021 Hewlett Packard Enterprise Development LP<BR>
Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>

SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -96,3 +96,20 @@ void* memset (void *dest, char ch, unsigned int count)
return SetMem (dest, count, ch);
}

+void free(void *ptr)
+{
+ VOID *EvalOnce;
+ ONIGMEM_HEAD *PoolHdr;
+
+ EvalOnce = ptr;
+ if (EvalOnce == NULL) {
+ return;
+ }
+
+ PoolHdr = (ONIGMEM_HEAD *)EvalOnce - 1;
+ if (PoolHdr->Signature == ONIGMEM_HEAD_SIGNATURE) {
+ FreePool (PoolHdr);
+ } else {
+ FreePool (EvalOnce);
+ }
+}
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
index 20b75c3361..0bdb7be529 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
@@ -2,7 +2,7 @@

Module to rewrite stdlib references within Oniguruma

- (C) Copyright 2014-2015 Hewlett Packard Enterprise Development LP<BR>
+ (C) Copyright 2014-2021 Hewlett Packard Enterprise Development LP<BR>
Copyright (c) 2020, Intel Corporation. All rights reserved.<BR>

SPDX-License-Identifier: BSD-2-Clause-Patent
@@ -46,17 +46,6 @@ typedef INTN intptr_t;
#endif

#define calloc(n,s) AllocateZeroPool((n)*(s))
-
-#define free(p) \
- do { \
- VOID *EvalOnce; \
- \
- EvalOnce = (p); \
- if (EvalOnce != NULL) { \
- FreePool (EvalOnce); \
- } \
- } while (FALSE)
-
#define xmemmove(Dest,Src,Length) CopyMem(Dest,Src,Length)
#define xmemcpy(Dest,Src,Length) CopyMem(Dest,Src,Length)
#define xmemset(Buffer,Value,Length) SetMem(Buffer,Length,Value)
@@ -98,6 +87,7 @@ void* malloc(size_t size);
void* realloc(void *ptr, size_t size);
void* memcpy (void *dest, const void *src, unsigned int count);
void* memset (void *dest, char ch, unsigned int count);
+void free(void *ptr);

#define exit(n) ASSERT(FALSE);

This patch cannot be merged, due to a number of EccCheck complaints:

2021-06-21T01:44:13.4327861Z PROGRESS - --Running MdeModulePkg: EccCheck Test NO-TARGET --
2021-06-21T01:44:20.4922300Z ERROR -
2021-06-21T01:44:20.4924178Z ERROR - EFI coding style error
2021-06-21T01:44:20.4925524Z ERROR - *Error code: 4002
2021-06-21T01:44:20.4927323Z ERROR - *Function header doesn't exist
2021-06-21T01:44:20.4936437Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
2021-06-21T01:44:20.4937669Z ERROR - *Line number: 99
2021-06-21T01:44:20.4938737Z ERROR - *Function [free] has NO comment immediately preceding it.
2021-06-21T01:44:20.4945489Z ERROR -
2021-06-21T01:44:20.4951382Z ERROR - EFI coding style error
2021-06-21T01:44:20.4960149Z ERROR - *Error code: 4002
2021-06-21T01:44:20.4961161Z ERROR - *Function header doesn't exist
2021-06-21T01:44:20.4966674Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.4973232Z ERROR - *Line number: 90
2021-06-21T01:44:20.4978337Z ERROR - *Function [free] has NO comment immediately preceding it.
2021-06-21T01:44:20.4981257Z ERROR -
2021-06-21T01:44:20.4983805Z ERROR - EFI coding style error
2021-06-21T01:44:20.4986537Z ERROR - *Error code: 5001
2021-06-21T01:44:20.4989508Z ERROR - *Return type of a function should exist and in the first line
2021-06-21T01:44:20.4997043Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.4997804Z ERROR - *Line number: 90
2021-06-21T01:44:20.4998331Z ERROR - *[free] Return Type should appear on its own line
2021-06-21T01:44:20.4998762Z ERROR -
2021-06-21T01:44:20.4999175Z ERROR - EFI coding style error
2021-06-21T01:44:20.5017351Z ERROR - *Error code: 5003
2021-06-21T01:44:20.5023282Z ERROR - *Function name should be left justified, followed by the beginning of the parameter list, with the closing parenthesis on its own line, indented two spaces
2021-06-21T01:44:20.5024931Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
2021-06-21T01:44:20.5025818Z ERROR - *Line number: 99
2021-06-21T01:44:20.5026960Z ERROR - *Function name [free] should appear at the start of a line
2021-06-21T01:44:20.5027533Z ERROR -
2021-06-21T01:44:20.5027982Z ERROR - EFI coding style error
2021-06-21T01:44:20.5028454Z ERROR - *Error code: 5003
2021-06-21T01:44:20.5029279Z ERROR - *Function name should be left justified, followed by the beginning of the parameter list, with the closing parenthesis on its own line, indented two spaces
2021-06-21T01:44:20.5030177Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.5030770Z ERROR - *Line number: 90
2021-06-21T01:44:20.5031330Z ERROR - *Function name [free] should appear at the start of a line
2021-06-21T01:44:20.5031788Z ERROR -
2021-06-21T01:44:20.5032240Z ERROR - EFI coding style error
2021-06-21T01:44:20.5032706Z ERROR - *Error code: 5003
2021-06-21T01:44:20.5033554Z ERROR - *Function name should be left justified, followed by the beginning of the parameter list, with the closing parenthesis on its own line, indented two spaces
2021-06-21T01:44:20.5036470Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.5040063Z ERROR - *Line number: 90
2021-06-21T01:44:20.5043513Z ERROR - *Parameter ptr should be in its own line.
2021-06-21T01:44:20.5046782Z ERROR -
2021-06-21T01:44:20.5049909Z ERROR - EFI coding style error
2021-06-21T01:44:20.5053571Z ERROR - *Error code: 5003
2021-06-21T01:44:20.5057415Z ERROR - *Function name should be left justified, followed by the beginning of the parameter list, with the closing parenthesis on its own line, indented two spaces
2021-06-21T01:44:20.5066200Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.5066831Z ERROR - *Line number: 90
2021-06-21T01:44:20.5067378Z ERROR - *')' should be on a new line and indented two spaces
2021-06-21T01:44:20.5067799Z ERROR -
2021-06-21T01:44:20.5068211Z ERROR - EFI coding style error
2021-06-21T01:44:20.5070600Z ERROR - *Error code: 7001
2021-06-21T01:44:20.5074448Z ERROR - *There should be no use of int, unsigned, char, void, long in any .c, .h or .asl files
2021-06-21T01:44:20.5077965Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
2021-06-21T01:44:20.5081222Z ERROR - *Line number: 110
2021-06-21T01:44:20.5084248Z ERROR - *Parameter ptr
2021-06-21T01:44:20.5090115Z ERROR -
2021-06-21T01:44:20.5090517Z ERROR - EFI coding style error
2021-06-21T01:44:20.5090923Z ERROR - *Error code: 7001
2021-06-21T01:44:20.5093481Z ERROR - *There should be no use of int, unsigned, char, void, long in any .c, .h or .asl files
2021-06-21T01:44:20.5096387Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.5099658Z ERROR - *Line number: 90
2021-06-21T01:44:20.5103008Z ERROR - *free Return type void
2021-06-21T01:44:20.5105878Z ERROR -
2021-06-21T01:44:20.5108537Z ERROR - EFI coding style error
2021-06-21T01:44:20.5111630Z ERROR - *Error code: 7001
2021-06-21T01:44:20.5115083Z ERROR - *There should be no use of int, unsigned, char, void, long in any .c, .h or .asl files
2021-06-21T01:44:20.5118600Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.5126189Z ERROR - *Line number: 90
2021-06-21T01:44:20.5142100Z ERROR - *Parameter ptr
2021-06-21T01:44:20.5142574Z ERROR -
2021-06-21T01:44:20.5142979Z ERROR - EFI coding style error
2021-06-21T01:44:20.5143429Z ERROR - *Error code: 8005
2021-06-21T01:44:20.5144332Z ERROR - *Variable name does not follow the rules: 1. First character should be upper case 2. Must contain lower case characters 3. No white space characters 4. Global variable name must start with a 'g'
2021-06-21T01:44:20.5145416Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.h
2021-06-21T01:44:20.5146050Z ERROR - *Line number: 90
2021-06-21T01:44:20.5146555Z ERROR - *Parameter [ptr] NOT follow naming convention.
2021-06-21T01:44:20.5146963Z ERROR -
2021-06-21T01:44:20.5147366Z ERROR - EFI coding style error
2021-06-21T01:44:20.5147794Z ERROR - *Error code: 8006
2021-06-21T01:44:20.5148562Z ERROR - *Function name does not follow the rules: 1. First character should be upper case 2. Must contain lower case characters 3. No white space characters
2021-06-21T01:44:20.5149399Z ERROR - *file: //home/vsts/work/1/s/MdeModulePkg/Universal/RegularExpressionDxe/OnigurumaUefiPort.c
2021-06-21T01:44:20.5149932Z ERROR - *Line number: 99
2021-06-21T01:44:20.5150445Z ERROR - *The function name [free] does not follow the rules
2021-06-21T01:44:20.5155470Z ERROR - --->Test Failed: EccCheck Test NO-TARGET returned 1

These are all (or mostly) related to preexistent code, so I think the EccCheck plugin config should be updated in MdeModulePkg, to permit an exception for these files.

For now, I've closed <https://github.com/tianocore/edk2/pull/1735> without merging it.

Thanks
Laszlo