From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiaxin.wu@intel.com>
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 4C9C881C8D
 for <edk2-devel@lists.01.org>; Thu, 10 Nov 2016 00:45:50 -0800 (PST)
Received: from fmsmga006.fm.intel.com ([10.253.24.20])
 by orsmga101.jf.intel.com with ESMTP; 10 Nov 2016 00:45:53 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,618,1473145200"; d="scan'208";a="29598135"
Received: from jiaxinwu-mobl2.ccr.corp.intel.com ([10.239.196.62])
 by fmsmga006.fm.intel.com with ESMTP; 10 Nov 2016 00:45:51 -0800
From: Jiaxin Wu <jiaxin.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Santhapur Naveen <naveens@amiindia.co.in>,
 Laszlo Ersek <lersek@redhat.com>, Ye Ting <ting.ye@intel.com>,
 Fu Siyuan <siyuan.fu@intel.com>
Date: Thu, 10 Nov 2016 16:45:47 +0800
Message-Id: <1478767547-188092-1-git-send-email-jiaxin.wu@intel.com>
X-Mailer: git-send-email 1.9.5.msysgit.1
Subject: [Patch] MdeModulePkg: Add wrong/invalid subnet check
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Thu, 10 Nov 2016 08:45:50 -0000

This patch is used to add the wrong/invalid subnet check.
Meanwhile, correct the the return status.

Cc: Santhapur Naveen <naveens@amiindia.co.in>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
---
 MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 18 +++++++++++-------
 MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c          |  8 +++++---
 2 files changed, 16 insertions(+), 10 deletions(-)

diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
index a931bb3..672a092 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
@@ -1253,10 +1253,17 @@ Ip4Config2SetMaunualAddress (
     return EFI_WRITE_PROTECTED;
   }
 
   NewAddress = *((EFI_IP4_CONFIG2_MANUAL_ADDRESS *) Data);
 
+  StationAddress = EFI_NTOHL (NewAddress.Address);
+  SubnetMask = EFI_NTOHL (NewAddress.SubnetMask);
+
+  if (NetGetMaskLength (SubnetMask) > IP4_MASK_MAX) {
+    return EFI_INVALID_PARAMETER;
+  }
+
   //
   // Store the new data, and init the DataItem status to EFI_NOT_READY because
   // we may have an asynchronous configuration process.
   //
   Ptr = AllocateCopyPool (DataSize, Data);
@@ -1271,30 +1278,27 @@ Ip4Config2SetMaunualAddress (
   
   DataItem->Data.Ptr = Ptr;
   DataItem->DataSize = DataSize;
   DataItem->Status   = EFI_NOT_READY;
 
-  StationAddress = EFI_NTOHL (NewAddress.Address);
-  SubnetMask = EFI_NTOHL (NewAddress.SubnetMask);
-
   IpSb->Reconfig = TRUE;
   Status = Ip4Config2SetDefaultAddr (IpSb, StationAddress, SubnetMask);
   if (EFI_ERROR (Status)) {
     goto ON_EXIT;
   }  
 
-  DataItem->Status = EFI_SUCCESS;   
-
 ON_EXIT:
-  if (EFI_ERROR (DataItem->Status)) {
+  DataItem->Status = Status; 
+
+  if (EFI_ERROR (DataItem->Status) && DataItem->Status != EFI_NOT_READY) {
     if (Ptr != NULL) {
       FreePool (Ptr);
     }
     DataItem->Data.Ptr = NULL; 
   }
 
-  return EFI_SUCCESS;
+  return Status;
 }
 
 /**
   The work function is to set the gateway addresses manually for the EFI IPv4 
   network stack that is running on the communication device that this EFI IPv4 
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
index 9cd5dd5..7550a13 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
@@ -562,10 +562,15 @@ Ip4SetAddress (
   EFI_STATUS                Status;
   INTN                      Len;
 
   NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE);
 
+  Len = NetGetMaskLength (SubnetMask);
+  if (Len > IP4_MASK_MAX) {
+    return EFI_INVALID_PARAMETER;
+  }
+
   //
   // Set the ip/netmask, then compute the subnet broadcast
   // and network broadcast for easy access. When computing
   // nework broadcast, the subnet mask is most like longer
   // than the default netmask (not subneted) as defined in
@@ -573,13 +578,10 @@ Ip4SetAddress (
   // networks, use the subnet's mask instead.
   //
   Interface->Ip             = IpAddr;
   Interface->SubnetMask     = SubnetMask;
   Interface->SubnetBrdcast  = (IpAddr | ~SubnetMask);
-
-  Len                       = NetGetMaskLength (SubnetMask);
-  ASSERT (Len <= IP4_MASK_MAX);
   Interface->NetBrdcast     = (IpAddr | ~SubnetMask);
 
   //
   // Do clean up for Arp child
   //
-- 
1.9.5.msysgit.1