| Title | RefindPlusRepo RefindPlus v0.14.2.AB Release NULL Pointer Dereference |
|---|
| Description | One potential NPD issue.
The location is in Library/RP_ApfsLib/RP_ApfsIo.c#L199 as the InternalApfsTranslateBlock function may return NULL.
```c
for (Index = 0; Index < JumpStart->NumExtents || EfiFileSize != 0; ++Index) {
  BlockIo = InternalApfsTranslateBlock ( // NULL may be returned here.
              PrivateData,
              JumpStart->RecordExtents[Index].StartPhysicalAddr,
              &Lba
              );
  if (JumpStart->RecordExtents[Index].BlockCount > MAX_UINTN
    || OcOverflowMulUN ((UINTN) JumpStart->RecordExtents[Index].BlockCount, PrivateData->ApfsBlockSize, &ChunkSize)
    || ChunkSize > EfiFileSize) {
    FreePool (EfiFile);
    return EFI_SECURITY_VIOLATION;
  }
  Status = BlockIo->ReadBlocks ( // May directly access NULL here.
                      BlockIo,
                      BlockIo->Media->MediaId,
                      Lba,
                      ChunkSize,
                      ChunkPtr
                      );
  if (EFI_ERROR(Status)) {
    FreePool (EfiFile);
    return Status;
  }
``` |
|---|
| Source | ⚠️ https://github.com/RefindPlusRepo/RefindPlus/issues/206 |
|---|
| User | micromilo (UID 84159) |
|---|
| Submission | 15/04/2025 09:42 AM (1 year ago) |
|---|
| Moderation | 26/04/2025 10:39 AM (11 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 306339 [RefindPlusRepo RefindPlus 0.14.2.AB RP_ApfsIo.c InternalApfsTranslateBlock denial of service] |
|---|
| Points | 20 |
|---|
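
The extent-reading loop from the description with the translated block device checked before use, as an added example that is not RefindPlus code and not part of the original submission. The types, `translate_block`, `read_extents` and the status codes are hypothetical stand-ins for the UEFI ones, and returning a device error for an unmapped extent is an assumption, not the project's fix.

```c
#include <stdint.h>
#include <string.h>

/* Hypothetical stand-ins for the UEFI types in the report; not RefindPlus code. */
typedef enum { ST_OK = 0, ST_DEVICE_ERROR = 1, ST_SECURITY_VIOLATION = 2 } status_t;
typedef struct block_io block_io_t;
struct block_io {
    status_t (*read_blocks)(block_io_t *self, uint64_t lba, size_t size, void *buf);
};
typedef struct { uint64_t start_addr; uint64_t block_count; } extent_t;

static status_t fake_read(block_io_t *self, uint64_t lba, size_t size, void *buf) {
    (void)self;
    memset(buf, (int)(lba & 0xff), size);   /* constructed data: fill with LBA byte */
    return ST_OK;
}
static block_io_t g_disk = { fake_read };

/* Mirrors the reported behaviour: NULL when the address maps to no device. */
static block_io_t *translate_block(uint64_t addr, uint64_t *lba) {
    if (addr >= 1000) return NULL;          /* constructed "unmapped" range */
    *lba = addr * 8;
    return &g_disk;
}

/* Reads every extent into buf; each failure path returns before any dereference. */
status_t read_extents(const extent_t *ext, size_t n, size_t block_size,
                      uint8_t *buf, size_t buf_size) {
    for (size_t i = 0; i < n; ++i) {
        uint64_t lba = 0;
        block_io_t *bio = translate_block(ext[i].start_addr, &lba);
        if (bio == NULL)                    /* the check missing in the excerpt */
            return ST_DEVICE_ERROR;
        if (block_size != 0 && ext[i].block_count > SIZE_MAX / block_size)
            return ST_SECURITY_VIOLATION;   /* multiplication would overflow */
        size_t chunk = (size_t)ext[i].block_count * block_size;
        if (chunk > buf_size)
            return ST_SECURITY_VIOLATION;
        status_t st = bio->read_blocks(bio, lba, chunk, buf);
        if (st != ST_OK) return st;
        buf += chunk; buf_size -= chunk;
    }
    return ST_OK;
}
int main(void) {
    uint8_t buf[32];
    extent_t ext[] = { {1, 1}, {5000, 1} }; /* constructed: second extent unmapped */
    return read_extents(ext, 2, 16, buf, sizeof buf) == ST_DEVICE_ERROR ? 0 : 1;
}
```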