From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182]) by mx.groups.io with SMTP id smtpd.web10.10541.1679697073845069377 for ; Fri, 24 Mar 2023 15:31:13 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="body hash did not verify" header.i=@linux.microsoft.com header.s=default header.b=V+nW77Jx; spf=pass (domain: linux.microsoft.com, ip: 13.77.154.182, mailfrom: mikuback@linux.microsoft.com) Received: from localhost.localdomain (unknown [47.201.8.94]) by linux.microsoft.com (Postfix) with ESMTPSA id AF00120FC4D8; Fri, 24 Mar 2023 15:31:12 -0700 (PDT) DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com AF00120FC4D8 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com; s=default; t=1679697073; bh=hHDURJcJRGSTmP4kQpaLhh/c5LNShoWlvnfKzefLxgM=; h=From:To:Cc:Subject:Date:In-Reply-To:References:From; b=V+nW77JxR9uzhYkOZ4CYXEf0C+CDo1mz/iSSQpBlBmAsiOYZKJXxh1GnB1At0ZbWQ BdMDqzU5NuDB81kZ2XYHCod2jW91AD4+vU4zQYuU8xKoclquthkgzn+NNQFZJn/cvd i7N94/aULivuMQM/zhJkI5RIpEfqS/ZNEHfRv8So= From: "Michael Kubacki" To: devel@edk2.groups.io Cc: Erich McMillan , Jiaxin Wu , Maciej Rabeda , Michael D Kinney , Michael Kubacki , Siyuan Fu Subject: [PATCH v7 07/12] NetworkPkg: Fix conditionally uninitialized variables Date: Fri, 24 Mar 2023 18:30:29 -0400 Message-Id: <20230324223034.1560-8-mikuback@linux.microsoft.com> X-Mailer: git-send-email 2.40.0.windows.1 In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com> References: <20230324223034.1560-1-mikuback@linux.microsoft.com> MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Michael Kubacki Fixes CodeQL alerts for CWE-457: https://cwe.mitre.org/data/definitions/457.html Cc: Erich McMillan Cc: Jiaxin Wu Cc: Maciej Rabeda Cc: Michael D Kinney Cc: Michael Kubacki Cc: Siyuan Fu Co-authored-by: Erich McMillan Signed-off-by: Michael Kubacki Reviewed-by: Michael D Kinney --- NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c | 2 +- NetworkPkg/TcpDxe/TcpInput.c | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c b/NetworkPkg/Libr= ary/DxeHttpLib/DxeHttpLib.c index 6a5d78629bb3..21813463aa4f 100644 --- a/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c +++ b/NetworkPkg/Library/DxeHttpLib/DxeHttpLib.c @@ -753,7 +753,7 @@ HttpUrlGetPort ( =20 Status =3D AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_= FIELD_PORT].Offset, (CHAR8 **)NULL, &Data); =20 - if (Data > HTTP_URI_PORT_MAX_NUM) { + if (EFI_ERROR (Status) || (Data > HTTP_URI_PORT_MAX_NUM)) { Status =3D EFI_INVALID_PARAMETER; goto ON_EXIT; } diff --git a/NetworkPkg/TcpDxe/TcpInput.c b/NetworkPkg/TcpDxe/TcpInput.c index fb1aa827f8ba..7b329be64dfe 100644 --- a/NetworkPkg/TcpDxe/TcpInput.c +++ b/NetworkPkg/TcpDxe/TcpInput.c @@ -1570,6 +1570,9 @@ TcpIcmpInput ( BOOLEAN IcmpErrIsHard; BOOLEAN IcmpErrNotify; =20 + IcmpErrIsHard =3D FALSE; + IcmpErrNotify =3D FALSE; + if (Nbuf->TotalSize < sizeof (TCP_HEAD)) { goto CLEAN_EXIT; } --=20 2.40.0.windows.1