From e076d2ab8ca20c3f29420cae2a5b990bddca0d35 Mon Sep 17 00:00:00 2001 From: Brit Chesley Date: Thu, 12 Jun 2025 15:05:49 -0500 Subject: [PATCH] NetworkPkg/DxeNetLib: Fix CodeQl Error Fix possible NULL pointer dereference in NetBuffer.c This was flagged by CodeQl as an error. Github Issue #11190 Signed-off-by: Brit Chesley --- NetworkPkg/Include/Library/NetLib.h | 3 ++- NetworkPkg/Library/DxeNetLib/NetBuffer.c | 8 ++++++-- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/NetworkPkg/Include/Library/NetLib.h b/NetworkPkg/Include/Library/NetLib.h index e8108b79db..34e89dad44 100644 --- a/NetworkPkg/Include/Library/NetLib.h +++ b/NetworkPkg/Include/Library/NetLib.h @@ -2081,7 +2081,8 @@ NetbufQueAppend ( @param[out] Dest The destination of the data to copy to. @return The length of the actual copied data, or 0 if the offset - specified exceeds the total size of net buffer queue. + specified exceeds the total size of net buffer queue, or + a NetBuf pointer is NULL. **/ UINT32 diff --git a/NetworkPkg/Library/DxeNetLib/NetBuffer.c b/NetworkPkg/Library/DxeNetLib/NetBuffer.c index 4721fbd270..3827f5afcf 100644 --- a/NetworkPkg/Library/DxeNetLib/NetBuffer.c +++ b/NetworkPkg/Library/DxeNetLib/NetBuffer.c @@ -1430,7 +1430,8 @@ NetbufQueRemove ( @param[out] Dest The destination of the data to copy to. @return The length of the actual copied data, or 0 if the offset - specified exceeds the total size of net buffer queue. + specified exceeds the total size of net buffer queue, or + a NetBuf pointer is NULL. **/ UINT32 @@ -1476,7 +1477,10 @@ NetbufQueCopy ( Cur += Nbuf->TotalSize; } - ASSERT (Nbuf != NULL); + if (Nbuf == NULL) { + ASSERT (FALSE); + return 0; + } // // Copy the data in the first buffer.