QuarkSocPkg/QNCSmmDispatcher: Fix use after free issue #2

As part of commit 5f82e02, ActiveRecordInDb was introduced as a copy of RecordInDb as latter may be freed by the callback function. This commit replaces an access of RecordInDb after the callback function has been executed with an access to ActiveRecordInDb. Cc: Michael D Kinney <[email protected]> Cc: Kelly Steele <[email protected]> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Marvin Haeuser <[email protected]> Reviewed-by: Michael D Kinney <[email protected]>
tianocore · Aug 17, 2017 · 4e33ff7 · 4e33ff7
1 parent 6619cf3
commit 4e33ff7
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QNCSmmCore.c b/QuarkSocPkg/QuarkNorthCluster/Smm/DxeSmm/QncSmmDispatcher/QNCSmmCore.c
@@ -2,7 +2,7 @@
 This driver is responsible for the registration of child drivers
 and the abstraction of the QNC SMI sources.
 
-Copyright (c) 2013-2016 Intel Corporation.
+Copyright (c) 2013-2017 Intel Corporation.
 
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
@@ -758,7 +758,7 @@ QNCSmmCoreDispatcher (
             }
           }
 
-          if (RecordInDb->ClearSource == NULL) {
+          if (ActiveRecordInDb.ClearSource == NULL) {
             //
             // Clear the SMI associated w/ the source using the default function
             //