From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=jiaxin.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id D6794221ED764 for ; Wed, 20 Dec 2017 21:11:57 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga007.jf.intel.com ([10.7.209.58]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Dec 2017 21:16:45 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,434,1508828400"; d="scan'208";a="4427322" Received: from jiaxinwu-mobl2.ccr.corp.intel.com ([10.239.196.141]) by orsmga007.jf.intel.com with ESMTP; 20 Dec 2017 21:16:43 -0800 From: Jiaxin Wu To: edk2-devel@lists.01.org Cc: Ye Ting , Long Qin , Fu Siyuan , Wu Jiaxin Date: Thu, 21 Dec 2017 13:16:41 +0800 Message-Id: <1513833401-13644-1-git-send-email-jiaxin.wu@intel.com> X-Mailer: git-send-email 1.9.5.msysgit.1 Subject: [Patch] CryptoPkg/TlsLib: Add some parameter check and clarification. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Dec 2017 05:11:58 -0000 Cc: Ye Ting Cc: Long Qin Cc: Fu Siyuan Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin --- CryptoPkg/Include/Library/TlsLib.h | 6 ++++++ CryptoPkg/Library/TlsLib/TlsConfig.c | 8 +++++++- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/CryptoPkg/Include/Library/TlsLib.h b/CryptoPkg/Include/Library/TlsLib.h index b69d513..e19a38a 100644 --- a/CryptoPkg/Include/Library/TlsLib.h +++ b/CryptoPkg/Include/Library/TlsLib.h @@ -521,10 +521,12 @@ TlsSetCertRevocationList ( Gets the protocol version used by the specified TLS connection. This function returns the protocol version used by the specified TLS connection. + If Tls is NULL, then ASSERT(). + @param[in] Tls Pointer to the TLS object. @return The protocol version of the specified TLS connection. **/ @@ -538,10 +540,12 @@ TlsGetVersion ( Gets the connection end of the specified TLS connection. This function returns the connection end (as client or as server) used by the specified TLS connection. + If Tls is NULL, then ASSERT(). + @param[in] Tls Pointer to the TLS object. @return The connection end used by the specified TLS connection. **/ @@ -599,10 +603,12 @@ TlsGetCurrentCompressionId ( Gets the verification mode currently set in the TLS connection. This function returns the peer verification mode currently set in the specified TLS connection. + If Tls is NULL, then ASSERT(). + @param[in] Tls Pointer to the TLS object. @return The verification mode set in the specified TLS connection. **/ diff --git a/CryptoPkg/Library/TlsLib/TlsConfig.c b/CryptoPkg/Library/TlsLib/TlsConfig.c index 4c88229..2ffe58a 100644 --- a/CryptoPkg/Library/TlsLib/TlsConfig.c +++ b/CryptoPkg/Library/TlsLib/TlsConfig.c @@ -640,10 +640,12 @@ TlsSetCertRevocationList ( Gets the protocol version used by the specified TLS connection. This function returns the protocol version used by the specified TLS connection. + If Tls is NULL, then ASSERT(). + @param[in] Tls Pointer to the TLS object. @return The protocol version of the specified TLS connection. **/ @@ -666,10 +668,12 @@ TlsGetVersion ( Gets the connection end of the specified TLS connection. This function returns the connection end (as client or as server) used by the specified TLS connection. + If Tls is NULL, then ASSERT(). + @param[in] Tls Pointer to the TLS object. @return The connection end used by the specified TLS connection. **/ @@ -759,10 +763,12 @@ TlsGetCurrentCompressionId ( Gets the verification mode currently set in the TLS connection. This function returns the peer verification mode currently set in the specified TLS connection. + If Tls is NULL, then ASSERT(). + @param[in] Tls Pointer to the TLS object. @return The verification mode set in the specified TLS connection. **/ @@ -982,11 +988,11 @@ TlsGetHostPublicCert ( TLS_CONNECTION *TlsConn; Cert = NULL; TlsConn = (TLS_CONNECTION *) Tls; - if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL) { + if (TlsConn == NULL || TlsConn->Ssl == NULL || DataSize == NULL || (*DataSize != 0 && Data == NULL)) { return EFI_INVALID_PARAMETER; } Cert = SSL_get_certificate(TlsConn->Ssl); if (Cert == NULL) { -- 1.9.5.msysgit.1