QcomModulePkg: Clean up potential NULL pointer dereferences

Clean up potential NULL pointer dereferences in the bootloader. Change-Id: I18531ffc5ffdaed5065ce2fefcdf86fbc9135ced Signed-off-by: Melody Olvera <molvera@codeaurora.org>
author: Melody Olvera <molvera@codeaurora.org> 2021-07-09 13:28:14 -0700
committer: Melody Olvera <molvera@codeaurora.org> 2021-07-12 12:03:59 -0700
commit: 8ef122714216b58e894193aa216ac868d89efa27 (patch)
tree: 84c94da46810b71ddc863fba3572bb68d67b19cc
parent: 969dae11ce21fe29a09f6260015df0d3a25b6060 (diff)
3 files changed, 12 insertions, 4 deletions
diff --git a/QcomModulePkg/Library/BootLib/BootLinux.c b/QcomModulePkg/Library/BootLib/BootLinux.c
index 1e38c83f93..33672a2e39 100644
--- a/QcomModulePkg/Library/BootLib/BootLinux.c
+++ b/QcomModulePkg/Library/BootLib/BootLinux.c
@@ -1316,7 +1316,7 @@ CheckImageHeader (VOID *ImageHdrBuffer,
   boot_img_hdr_v3 *RecoveryImgHdrV3 = NULL;
   boot_img_hdr_v4 *BootImgHdrV4;
   vendor_boot_img_hdr_v4 *VendorBootImgHdrV4;
-  boot_img_hdr_v4 *RecoveryImgHdrV4;
+  boot_img_hdr_v4 *RecoveryImgHdrV4 = NULL;
 
   UINT32 KernelSizeActual = 0;
   UINT32 DtSizeActual = 0;
@@ -1347,7 +1347,8 @@ CheckImageHeader (VOID *ImageHdrBuffer,
     SecondSize = ((boot_img_hdr *)(ImageHdrBuffer))->second_size;
     *PageSize = ((boot_img_hdr *)(ImageHdrBuffer))->page_size;
   } else if (HeaderVersion == BOOT_HEADER_VERSION_THREE) {
-    if (CompareMem ((VOID *)((vendor_boot_img_hdr_v3 *)
+    if (!VendorImageHdrBuffer ||
+        CompareMem ((VOID *)((vendor_boot_img_hdr_v3 *)
                      (VendorImageHdrBuffer))->magic,
                      VENDOR_BOOT_MAGIC, VENDOR_BOOT_MAGIC_SIZE)) {
       DEBUG ((EFI_D_ERROR, "Invalid vendor_boot image header\n"));
diff --git a/QcomModulePkg/Library/BootLib/PartitionTableUpdate.c b/QcomModulePkg/Library/BootLib/PartitionTableUpdate.c
index 4546d8aa4b..e5ee225fd8 100755
--- a/QcomModulePkg/Library/BootLib/PartitionTableUpdate.c
+++ b/QcomModulePkg/Library/BootLib/PartitionTableUpdate.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2015-2020, The Linux Foundation. All rights reserved.
+ * Copyright (c) 2015-2021, The Linux Foundation. All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions are met:
@@ -142,7 +142,8 @@ GetPartitionIndex (CHAR16 *Pname)
 
   for (i = 0; i < PartitionCount; i++) {
     if (!StrnCmp (PtnEntries[i].PartEntry.PartitionName, Pname,
-                  ARRAY_SIZE (PtnEntries[i].PartEntry.PartitionName))) {
+                  MIN (ARRAY_SIZE (PtnEntries[i].PartEntry.PartitionName),
+                       StrLen (Pname)))) {
       return i;
     }
   }
diff --git a/QcomModulePkg/Library/BootLib/UpdateCmdLine.c b/QcomModulePkg/Library/BootLib/UpdateCmdLine.c
index d47b567a3a..35c8005300 100644
--- a/QcomModulePkg/Library/BootLib/UpdateCmdLine.c
+++ b/QcomModulePkg/Library/BootLib/UpdateCmdLine.c
@@ -721,6 +721,12 @@ AddtoBootConfigList (BOOLEAN BootConfigFlag,
   NewNode = (struct BootConfigParamNode *)
                AllocateBootConfigNode (ParamKeyLen + SIZE_OF_DELIM +
                SIZE_OF_DELIM + ParamValueLen);
+  if (!NewNode) {
+    DEBUG ((EFI_D_ERROR, "Failed to add %s to bootconfig! Out of memory\n",
+            ParamKey));
+    return;
+  }
+
   gBS->CopyMem (NewNode->param, (CHAR8*)ParamKey, ParamKeyLen);
   if (ParamValue) {
     gBS->CopyMem (&NewNode->param[ParamKeyLen], (CHAR8*)ParamValue,
author	Melody Olvera <molvera@codeaurora.org>	2021-07-09 13:28:14 -0700
committer	Melody Olvera <molvera@codeaurora.org>	2021-07-12 12:03:59 -0700
commit	8ef122714216b58e894193aa216ac868d89efa27 (patch)
tree	84c94da46810b71ddc863fba3572bb68d67b19cc
parent	969dae11ce21fe29a09f6260015df0d3a25b6060 (diff)