From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id DE7B681DA1 for ; Thu, 10 Nov 2016 01:19:00 -0800 (PST) Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 1D50498C26; Thu, 10 Nov 2016 09:19:04 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-106.phx2.redhat.com [10.3.116.106]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id uAA9J2dG015278; Thu, 10 Nov 2016 04:19:02 -0500 To: Jiaxin Wu , edk2-devel@ml01.01.org References: <1478767547-188092-1-git-send-email-jiaxin.wu@intel.com> Cc: Santhapur Naveen , Ye Ting , Fu Siyuan From: Laszlo Ersek Message-ID: <75dd4410-77ec-39e5-3370-5fbb81f65914@redhat.com> Date: Thu, 10 Nov 2016 10:19:01 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <1478767547-188092-1-git-send-email-jiaxin.wu@intel.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 10 Nov 2016 09:19:04 +0000 (UTC) Subject: Re: [Patch] MdeModulePkg: Add wrong/invalid subnet check X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Nov 2016 09:19:01 -0000 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit I have a few comments: On 11/10/16 09:45, Jiaxin Wu wrote: > This patch is used to add the wrong/invalid subnet check. > Meanwhile, correct the the return status. (1) I propose to split this patch into three patches, with the following subjects: MdeModulePkg/Ip4Dxe: Catch invalid subnet early in manual setting MdeModulePkg/Ip4Dxe: Fix error path return status MdeModulePkg/Ip4Dxe: Catch invalid subnet in Ip4SetAddress() helper In this structuring, patch #1 would be actually redundant; patch #3 would handle that case automatically. But, we can keep all three if you wish. > > Cc: Santhapur Naveen > Cc: Laszlo Ersek > Cc: Ye Ting > Cc: Fu Siyuan > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Jiaxin Wu > --- > MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 18 +++++++++++------- > MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c | 8 +++++--- > 2 files changed, 16 insertions(+), 10 deletions(-) > > diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > index a931bb3..672a092 100644 > --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > @@ -1253,10 +1253,17 @@ Ip4Config2SetMaunualAddress ( > return EFI_WRITE_PROTECTED; > } > > NewAddress = *((EFI_IP4_CONFIG2_MANUAL_ADDRESS *) Data); > > + StationAddress = EFI_NTOHL (NewAddress.Address); > + SubnetMask = EFI_NTOHL (NewAddress.SubnetMask); > + > + if (NetGetMaskLength (SubnetMask) > IP4_MASK_MAX) { > + return EFI_INVALID_PARAMETER; > + } > + > // > // Store the new data, and init the DataItem status to EFI_NOT_READY because > // we may have an asynchronous configuration process. > // > Ptr = AllocateCopyPool (DataSize, Data); > @@ -1271,30 +1278,27 @@ Ip4Config2SetMaunualAddress ( > > DataItem->Data.Ptr = Ptr; > DataItem->DataSize = DataSize; > DataItem->Status = EFI_NOT_READY; > > - StationAddress = EFI_NTOHL (NewAddress.Address); > - SubnetMask = EFI_NTOHL (NewAddress.SubnetMask); > - (2) This part looks good to me, but for stylistic reasons, I recommend replacing > IP4_MASK_MAX with == IP4_MASK_NUM The reason is that the leading comment on NetGetMaskLength() documents IP4_MASK_NUM as the error value: @return The length of the netmask, IP4_MASK_NUM if the mask is invalid. Okay, so this is where patch #2 should start: > IpSb->Reconfig = TRUE; > Status = Ip4Config2SetDefaultAddr (IpSb, StationAddress, SubnetMask); > if (EFI_ERROR (Status)) { > goto ON_EXIT; > } > > - DataItem->Status = EFI_SUCCESS; > - > ON_EXIT: > - if (EFI_ERROR (DataItem->Status)) { > + DataItem->Status = Status; > + > + if (EFI_ERROR (DataItem->Status) && DataItem->Status != EFI_NOT_READY) { > if (Ptr != NULL) { > FreePool (Ptr); > } > DataItem->Data.Ptr = NULL; > } > > - return EFI_SUCCESS; > + return Status; > } > > /** > The work function is to set the gateway addresses manually for the EFI IPv4 > network stack that is running on the communication device that this EFI IPv4 (3) This looks good (with your explanation in the bugzilla), except you could remove the ON_EXIT label too, with the referring goto statement as well. There is nothing left between the (sole) jump to ON_EXIT, and ON_EXIT itself, so the goto is useless. This is where the third patch should start: > diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > index 9cd5dd5..7550a13 100644 > --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > @@ -562,10 +562,15 @@ Ip4SetAddress ( > EFI_STATUS Status; > INTN Len; > > NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE); > > + Len = NetGetMaskLength (SubnetMask); > + if (Len > IP4_MASK_MAX) { > + return EFI_INVALID_PARAMETER; > + } > + (4) Same comment as (2), about IP4_MASK_NUM. > // > // Set the ip/netmask, then compute the subnet broadcast > // and network broadcast for easy access. When computing > // nework broadcast, the subnet mask is most like longer > // than the default netmask (not subneted) as defined in > @@ -573,13 +578,10 @@ Ip4SetAddress ( > // networks, use the subnet's mask instead. > // > Interface->Ip = IpAddr; > Interface->SubnetMask = SubnetMask; > Interface->SubnetBrdcast = (IpAddr | ~SubnetMask); > - > - Len = NetGetMaskLength (SubnetMask); > - ASSERT (Len <= IP4_MASK_MAX); > Interface->NetBrdcast = (IpAddr | ~SubnetMask); > > // > // Do clean up for Arp child > // > Thanks! Laszlo