From mboxrd@z Thu Jan 1 00:00:00 1970
From: Jiaxin Wu
To: edk2-devel@lists.01.org
Cc: Ye Ting, Fu Siyuan, Wang Fan, Wu Jiaxin
Date: Tue, 26 Dec 2017 09:33:47 +0800
Message-Id: <1514252029-12720-4-git-send-email-jiaxin.wu@intel.com>
In-Reply-To: <1514252029-12720-1-git-send-email-jiaxin.wu@intel.com>
References: <1514252029-12720-1-git-send-email-jiaxin.wu@intel.com>
Subject: [Patch 3/5] MdeModulePkg/DxeHttpLib: Check the input parameters for some APIs.

Cc: Ye Ting
Cc: Fu Siyuan
Cc: Wang Fan
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin
---
 MdeModulePkg/Include/Library/HttpLib.h       |  1 +
 MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c | 25 ++++++++++++++++++++-----
 2 files changed, 21 insertions(+), 5 deletions(-)

diff --git a/MdeModulePkg/Include/Library/HttpLib.h b/MdeModulePkg/Include/Library/HttpLib.h index 8539820..88b56ae 100644 --- a/MdeModulePkg/Include/Library/HttpLib.h +++ b/MdeModulePkg/Include/Library/HttpLib.h @@ -370,10 +370,11 @@ HttpFindHeader ( @param[in] FieldName FieldName of this HttpHeader, a NULL terminated ASCII string. @param[in] FieldValue FieldValue of this HttpHeader, a NULL terminated ASCII string. @retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully. + @retval EFI_INVALID_PARAMETER The parameter is invalid. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources. **/ EFI_STATUS EFIAPI diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c index 27b94e3..38ded5d 100644 --- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c +++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c @@ -1396,10 +1396,14 @@ HttpIsMessageComplete ( IN VOID *MsgParser ) { HTTP_BODY_PARSER *Parser; + if (MsgParser == NULL) { + return FALSE; + } + Parser = (HTTP_BODY_PARSER*) MsgParser; if (Parser->State == BodyParserComplete) { return TRUE; } @@ -1497,10 +1501,11 @@ AsciiStrGetNextToken ( @param[in] FieldName FieldName of this HttpHeader, a NULL terminated ASCII string. @param[in] FieldValue FieldValue of this HttpHeader, a NULL terminated ASCII string. @retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully. + @retval EFI_INVALID_PARAMETER The parameter is invalid. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources. **/ EFI_STATUS EFIAPI @@ -1511,10 +1516,14 @@ HttpSetFieldNameAndValue ( ) { UINTN FieldNameSize; UINTN FieldValueSize; + if (HttpHeader == NULL || FieldName == NULL || FieldValue == NULL) { + return EFI_INVALID_PARAMETER; + } + if (HttpHeader->FieldName != NULL) { FreePool (HttpHeader->FieldName); } if (HttpHeader->FieldValue != NULL) { FreePool (HttpHeader->FieldValue); 
@@ -1728,14 +1737,10 @@ HttpGenRequestMessage ( VOID *HttpHdr; EFI_HTTP_HEADER **AppendList; UINTN Index; EFI_HTTP_UTILITIES_PROTOCOL *HttpUtilitiesProtocol; - - ASSERT (Message != NULL); - - *RequestMsg = NULL; Status = EFI_SUCCESS; HttpHdrSize = 0; MsgSize = 0; Success = FALSE; HttpHdr = NULL; @@ -1746,11 +1751,12 @@ HttpGenRequestMessage ( // 1. If we have a Request, we cannot have a NULL Url // 2. If we have a Request, HeaderCount can not be non-zero // 3. If we do not have a Request, HeaderCount should be zero // 4. If we do not have Request and Headers, we need at least a message-body // - if ((Message->Data.Request != NULL && Url == NULL) || + if ((Message == NULL || RequestMsg == NULL || RequestMsgSize == NULL) || + (Message->Data.Request != NULL && Url == NULL) || (Message->Data.Request != NULL && Message->HeaderCount == 0) || (Message->Data.Request == NULL && Message->HeaderCount != 0) || (Message->Data.Request == NULL && Message->HeaderCount == 0 && Message->BodyLength == 0)) { return EFI_INVALID_PARAMETER; } @@ -1827,10 +1833,11 @@ HttpGenRequestMessage ( MsgSize += Message->BodyLength; // // memory for the string that needs to be sent to TCP // + *RequestMsg = NULL; *RequestMsg = AllocateZeroPool (MsgSize); if (*RequestMsg == NULL) { Status = EFI_OUT_OF_RESOURCES; goto Exit; } @@ -2052,11 +2059,19 @@ HttpIsValidHttpHeader ( IN CHAR8 *FieldName ) { UINTN Index; + if (FieldName == NULL) { + return FALSE; + } + for (Index = 0; Index < DeleteCount; Index++) { + if (DeleteList[Index] == NULL) { + continue; + } + if (AsciiStrCmp (FieldName, DeleteList[Index]) == 0) { return FALSE; } } -- 1.9.5.msysgit.1
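
Review bot: In the HttpLib.h hunk (@@ -370,10 +370,11 @@), the new "@retval EFI_INVALID_PARAMETER The parameter is invalid." does not say which condition produces it. The check added to HttpSetFieldNameAndValue rejects a NULL HttpHeader, FieldName or FieldValue, so the text could name those three pointers; the identical comment line added in DxeHttpLib.c (@@ -1497,10 +1501,11 @@) needs the same wording.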
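
Review bot: In HttpIsMessageComplete (@@ -1396,10 +1396,14 @@), returning FALSE for a NULL MsgParser makes an invalid argument indistinguishable from "body not complete yet", so a caller that polls this function until it returns TRUE gets no signal that it passed a bad parser. The BOOLEAN return type leaves no room for an error code, so if the function header comment does not already say so, it should state that FALSE is also returned when MsgParser is NULL.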
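
Review bot: In the HttpGenRequestMessage hunk at @@ -1728,14 +1737,10 @@, deleting the up-front "*RequestMsg = NULL;" means the EFI_INVALID_PARAMETER return after the parameter check now leaves the caller's output pointer untouched, where before it was cleared on entry. A caller that inspects or frees *RequestMsg after a failed call would then act on whatever value it held before the call. Consider keeping the assignment, placed directly after the new NULL check on RequestMsg.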
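
Review bot: In the HttpGenRequestMessage hunk at @@ -1746,11 +1751,12 @@, the NULL tests for Message, RequestMsg and RequestMsgSize are folded into the same expression as the Request/HeaderCount/BodyLength rules, so the Message->Data.Request dereferences are safe only because || evaluates left to right and short-circuits. A separate early if for the three pointers would make that ordering explicit. The numbered comment above the condition should also gain an entry for the NULL case, since it lists only the four message rules.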
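
Review bot: In the HttpGenRequestMessage hunk at @@ -1827,10 +1833,11 @@, the added "*RequestMsg = NULL;" is a dead store, because the very next line assigns the result of AllocateZeroPool (MsgSize) to the same location. The line can be dropped here without changing behaviour.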
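
Review bot: In HttpIsValidHttpHeader (@@ -2052,11 +2059,19 @@), the loop now skips NULL entries inside DeleteList, but DeleteList itself is still indexed without a check, so a NULL DeleteList with a non-zero DeleteCount is dereferenced on the first iteration. Either test DeleteList for NULL before the loop or document that it must be non-NULL whenever DeleteCount is greater than zero.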