Is there an existing issue for this?
Current Behavior
NvmExpressDriverBindingStart: early return leaks Private and protocol opens
Why this is a real bug:
After allocating Private via AllocateZeroPool (line ~1201) and successfully opening both gEfiDevicePathProtocolGuid and gEfiPciIoProtocolGuid BY_DRIVER, the function attempts PciIo->Attributes(EfiPciIoAttributeOperationGet, ...). If this call fails, the code executes return Status instead of goto Exit.
Why this is NOT a false positive:
The Exit: label at line ~1340 performs FreePool(Private), gBS->CloseProtocol(PciIo), and gBS->CloseProtocol(DevicePath). The direct return skips all of these. No other caller cleans up Private or closes the protocols.
Consequence:
Memory leak of NVME_CONTROLLER_PRIVATE_DATA. Two protocols remain opened BY_DRIVER on the controller handle, preventing other drivers from binding.
Expected Behavior
Memory is freed
Protocols are closed
Steps To Reproduce
NvmExpressDriverBindingStart is called.
OpenProtocol for DevicePath succeeds (opens BY_DRIVER).
OpenProtocol for PciIo succeeds (opens BY_DRIVER).
AllocateZeroPool for Private succeeds.
PciIo->Attributes(Get) returns an error.
return Status bypasses the Exit: label.
Build Environment
Version Information
Urgency
Low
Are you going to fix this?
I will fix it
Do you need maintainer feedback?
No maintainer feedback needed
Anything else?
No response
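
The cleanup pattern at issue, as an added example that is not part of the original report or the EDK2 source: a standalone C model in which counters stand in for the BY_DRIVER opens and the Private allocation. All function names here (open_protocol, alloc_private, attributes_get, start_early_return, start_goto_exit, resources_held_after) are hypothetical.

```c
#include <stdio.h>

/* Constructed model, not EDK2 code: counters stand in for firmware state. */
typedef int STATUS;                        /* 0 = success, nonzero = error */
static int  g_open_protocols;              /* opens currently held BY_DRIVER */
static int  g_live_allocs;                 /* outstanding Private allocations */
static char g_pool[64];                    /* backing store for the model allocation */

static void  open_protocol(void)  { g_open_protocols++; }
static void  close_protocol(void) { g_open_protocols--; }
static void *alloc_private(void)  { g_live_allocs++; return g_pool; }
static void  free_private(void *p) { if (p) g_live_allocs--; }
static STATUS attributes_get(int fail) { return fail ? -1 : 0; }

/* Shape described in the report: direct return once resources are held. */
STATUS start_early_return(int fail_attributes) {
  open_protocol();                         /* DevicePath */
  open_protocol();                         /* PciIo */
  void *Private = alloc_private();
  STATUS Status = attributes_get(fail_attributes);
  if (Status != 0) return Status;          /* bypasses all cleanup */
  (void)Private;                           /* success: kept until Stop() */
  return 0;
}

/* Same sequence with the failure routed through a single cleanup label. */
STATUS start_goto_exit(int fail_attributes) {
  open_protocol();                         /* DevicePath */
  open_protocol();                         /* PciIo */
  void *Private = alloc_private();
  STATUS Status = attributes_get(fail_attributes);
  if (Status != 0) goto Exit;
  return 0;                                /* success: kept until Stop() */
Exit:
  free_private(Private);
  close_protocol();                        /* PciIo */
  close_protocol();                        /* DevicePath */
  return Status;
}

/* Runs one variant from a clean state; returns opens + allocations still held. */
int resources_held_after(STATUS (*start)(int), int fail) {
  g_open_protocols = 0; g_live_allocs = 0;
  start(fail);
  return g_open_protocols + g_live_allocs;
}

int main(void) {
  printf("early return, Attributes fails: %d held\n", resources_held_after(start_early_return, 1));
  printf("goto Exit,    Attributes fails: %d held\n", resources_held_after(start_goto_exit, 1));
  return 0;
}
```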