From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jiaxin.wu@intel.com>
Received: from mga07.intel.com (mga07.intel.com [134.134.136.100])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id E94ED81EE3
 for <edk2-devel@lists.01.org>; Thu, 24 Nov 2016 22:15:53 -0800 (PST)
Received: from orsmga001.jf.intel.com ([10.7.209.18])
 by orsmga105.jf.intel.com with ESMTP; 24 Nov 2016 22:15:53 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,693,1473145200"; d="scan'208";a="1063959590"
Received: from jiaxinwu-mobl2.ccr.corp.intel.com ([10.239.196.183])
 by orsmga001.jf.intel.com with ESMTP; 24 Nov 2016 22:15:52 -0800
From: Jiaxin Wu <jiaxin.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Zhang Lubo <lubo.zhang@intel.com>, Fu Siyuan <siyuan.fu@intel.com>,
 Ye Ting <ting.ye@intel.com>
Date: Fri, 25 Nov 2016 14:15:50 +0800
Message-Id: <1480054550-201956-1-git-send-email-jiaxin.wu@intel.com>
X-Mailer: git-send-email 1.9.5.msysgit.1
Subject: [Patch] MdeModulePkg/NetLib: Handle an invalid IPv6 address case
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Nov 2016 06:15:54 -0000

Handle an invalid IPv6 address in NetLibAsciiStrToIp6(),
like '2000:aaaa::1com'.

Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
---
 MdeModulePkg/Include/Library/NetLib.h      |  1 +
 MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 11 +++++++++++
 2 files changed, 12 insertions(+)

diff --git a/MdeModulePkg/Include/Library/NetLib.h b/MdeModulePkg/Include/Library/NetLib.h
index 26709af..09ead09 100644
--- a/MdeModulePkg/Include/Library/NetLib.h
+++ b/MdeModulePkg/Include/Library/NetLib.h
@@ -521,10 +521,11 @@ extern IP4_ADDR gIp4AllMasks[IP4_MASK_NUM];
 
 
 extern EFI_IPv4_ADDRESS  mZeroIp4Addr;
 
 #define NET_IS_DIGIT(Ch)            (('0' <= (Ch)) && ((Ch) <= '9'))
+#define NET_IS_HEX(Ch)              ((('0' <= (Ch)) && ((Ch) <= '9')) || (('A' <= (Ch)) && ((Ch) <= 'F')) || (('a' <= (Ch)) && ((Ch) <= 'f')))
 #define NET_ROUNDUP(size, unit)     (((size) + (unit) - 1) & (~((unit) - 1)))
 #define NET_IS_LOWER_CASE_CHAR(Ch)  (('a' <= (Ch)) && ((Ch) <= 'z'))
 #define NET_IS_UPPER_CASE_CHAR(Ch)  (('A' <= (Ch)) && ((Ch) <= 'Z'))
 
 #define TICKS_PER_MS            10000U
diff --git a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
index 0804052..0a7117c 100644
--- a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
+++ b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
@@ -2830,10 +2830,21 @@ NetLibAsciiStrToIp6 (
 
   for (Index = 0; Index < 15; Index = (UINT8) (Index + 2)) {
     TempStr = Ip6Str;
 
     while ((*Ip6Str != '\0') && (*Ip6Str != ':')) {
+      if (Index != 14 && !NET_IS_HEX (*Ip6Str)) {
+        return EFI_INVALID_PARAMETER;
+      }
+      
+      //
+      // Allow the IPv6 with prefix case, e.g. 2000:aaaa::10/24 
+      //
+      if (Index == 14 && !NET_IS_HEX (*Ip6Str) && *Ip6Str != '/') {
+        return EFI_INVALID_PARAMETER;
+      }
+      
       Ip6Str++;
     }
 
     if ((*Ip6Str == '\0') && (Index != 14)) {
       return EFI_INVALID_PARAMETER;
-- 
1.9.5.msysgit.1