Date
1 - 1 of 1
WifiConnectionManagerDxe crashes Form Browser when "Private->CurrentNic == NULL"
Konstantin Aladyshev
Hello!
I was investigating the 'WifiConnectionManagerDxe' module and found
out that its form crashes the Form Browser under the OVMF.
This is happening because the Callback() functions returns
'EFI_DEVICE_ERROR' when the 'CurrentNic' is equal to 'NULL':
```
EFI_STATUS
EFIAPI
WifiMgrDxeHiiConfigAccessCallback (
...
)
{
...
Private = WIFI_MGR_PRIVATE_DATA_FROM_CONFIG_ACCESS (This);
if (Private->CurrentNic == NULL) {
return EFI_DEVICE_ERROR;
}
...
}
```
In this case when the Callback() was called from the
'ProcessCallBackFunction', the 'ProcessCallBackFunction' would return
the same 'EFI_DEVICE_ERROR' to its own calling function
'SetupBrowser':
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2072
And in case of a FORM_OPEN action
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2488
or FORM_RETRIEVE
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2519
or FORM_CLOSE
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2653
this will lead to 'SetupBrowser' function error exit. Which in turn
will crash the Form Browser.
This patch fixes the problem:
```
if (Private->CurrentNic == NULL) {
- return EFI_DEVICE_ERROR;
+return EFI_UNSUPPORTED;
}
```
But I'm not sure if it is right to create such a change. Can someone
help me here?
Best regards,
Konstantin Aladyshev
I was investigating the 'WifiConnectionManagerDxe' module and found
out that its form crashes the Form Browser under the OVMF.
This is happening because the Callback() functions returns
'EFI_DEVICE_ERROR' when the 'CurrentNic' is equal to 'NULL':
```
EFI_STATUS
EFIAPI
WifiMgrDxeHiiConfigAccessCallback (
...
)
{
...
Private = WIFI_MGR_PRIVATE_DATA_FROM_CONFIG_ACCESS (This);
if (Private->CurrentNic == NULL) {
return EFI_DEVICE_ERROR;
}
...
}
```
In this case when the Callback() was called from the
'ProcessCallBackFunction', the 'ProcessCallBackFunction' would return
the same 'EFI_DEVICE_ERROR' to its own calling function
'SetupBrowser':
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2072
And in case of a FORM_OPEN action
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2488
or FORM_RETRIEVE
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2519
or FORM_CLOSE
https://github.com/tianocore/edk2/blob/5a3641bfcdcf99fd76817833488f2af8abb69383/MdeModulePkg/Universal/SetupBrowserDxe/Presentation.c#L2653
this will lead to 'SetupBrowser' function error exit. Which in turn
will crash the Form Browser.
This patch fixes the problem:
```
if (Private->CurrentNic == NULL) {
- return EFI_DEVICE_ERROR;
+return EFI_UNSUPPORTED;
}
```
But I'm not sure if it is right to create such a change. Can someone
help me here?
Best regards,
Konstantin Aladyshev