From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lubo.zhang@intel.com>
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id E3F4481ED1
 for <edk2-devel@lists.01.org>; Fri, 25 Nov 2016 00:14:02 -0800 (PST)
Received: from orsmga004.jf.intel.com ([10.7.209.38])
 by fmsmga101.fm.intel.com with ESMTP; 25 Nov 2016 00:14:01 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.31,546,1473145200"; d="scan'208";a="34273370"
Received: from fmsmsx107.amr.corp.intel.com ([10.18.124.205])
 by orsmga004.jf.intel.com with ESMTP; 25 Nov 2016 00:14:01 -0800
Received: from fmsmsx115.amr.corp.intel.com (10.18.116.19) by
 fmsmsx107.amr.corp.intel.com (10.18.124.205) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Fri, 25 Nov 2016 00:14:00 -0800
Received: from shsmsx103.ccr.corp.intel.com (10.239.4.69) by
 fmsmsx115.amr.corp.intel.com (10.18.116.19) with Microsoft SMTP Server (TLS)
 id 14.3.248.2; Fri, 25 Nov 2016 00:14:00 -0800
Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.239]) by
 SHSMSX103.ccr.corp.intel.com ([169.254.4.96]) with mapi id 14.03.0248.002;
 Fri, 25 Nov 2016 16:13:58 +0800
From: "Zhang, Lubo" <lubo.zhang@intel.com>
To: "Wu, Jiaxin" <jiaxin.wu@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Fu, Siyuan" <siyuan.fu@intel.com>, "Ye, Ting" <ting.ye@intel.com>
Thread-Topic: [Patch] MdeModulePkg/NetLib: Handle an invalid IPv6 address case
Thread-Index: AQHSRuNrBziNPYwSrkiC6tyZMpNgCqDpWc9g
Date: Fri, 25 Nov 2016 08:13:57 +0000
Message-ID: <7619447B08B8F74DA4FF2A813B79803B378FD1C9@shsmsx102.ccr.corp.intel.com>
References: <1480054550-201956-1-git-send-email-jiaxin.wu@intel.com>
In-Reply-To: <1480054550-201956-1-git-send-email-jiaxin.wu@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [Patch] MdeModulePkg/NetLib: Handle an invalid IPv6 address case
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 25 Nov 2016 08:14:03 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>

-----Original Message-----
From: Wu, Jiaxin=20
Sent: Friday, November 25, 2016 2:16 PM
To: edk2-devel@lists.01.org
Cc: Zhang, Lubo <lubo.zhang@intel.com>; Fu, Siyuan <siyuan.fu@intel.com>; Y=
e, Ting <ting.ye@intel.com>
Subject: [Patch] MdeModulePkg/NetLib: Handle an invalid IPv6 address case

Handle an invalid IPv6 address in NetLibAsciiStrToIp6(), like '2000:aaaa::1=
com'.

Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
---
 MdeModulePkg/Include/Library/NetLib.h      |  1 +
 MdeModulePkg/Library/DxeNetLib/DxeNetLib.c | 11 +++++++++++
 2 files changed, 12 insertions(+)

diff --git a/MdeModulePkg/Include/Library/NetLib.h b/MdeModulePkg/Include/L=
ibrary/NetLib.h
index 26709af..09ead09 100644
--- a/MdeModulePkg/Include/Library/NetLib.h
+++ b/MdeModulePkg/Include/Library/NetLib.h
@@ -521,10 +521,11 @@ extern IP4_ADDR gIp4AllMasks[IP4_MASK_NUM];
=20
=20
 extern EFI_IPv4_ADDRESS  mZeroIp4Addr;
=20
 #define NET_IS_DIGIT(Ch)            (('0' <=3D (Ch)) && ((Ch) <=3D '9'))
+#define NET_IS_HEX(Ch)              ((('0' <=3D (Ch)) && ((Ch) <=3D '9')) =
|| (('A' <=3D (Ch)) && ((Ch) <=3D 'F')) || (('a' <=3D (Ch)) && ((Ch) <=3D '=
f')))
 #define NET_ROUNDUP(size, unit)     (((size) + (unit) - 1) & (~((unit) - 1=
)))
 #define NET_IS_LOWER_CASE_CHAR(Ch)  (('a' <=3D (Ch)) && ((Ch) <=3D 'z'))  =
#define NET_IS_UPPER_CASE_CHAR(Ch)  (('A' <=3D (Ch)) && ((Ch) <=3D 'Z'))
=20
 #define TICKS_PER_MS            10000U
diff --git a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c b/MdeModulePkg/Libr=
ary/DxeNetLib/DxeNetLib.c
index 0804052..0a7117c 100644
--- a/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
+++ b/MdeModulePkg/Library/DxeNetLib/DxeNetLib.c
@@ -2830,10 +2830,21 @@ NetLibAsciiStrToIp6 (
=20
   for (Index =3D 0; Index < 15; Index =3D (UINT8) (Index + 2)) {
     TempStr =3D Ip6Str;
=20
     while ((*Ip6Str !=3D '\0') && (*Ip6Str !=3D ':')) {
+      if (Index !=3D 14 && !NET_IS_HEX (*Ip6Str)) {
+        return EFI_INVALID_PARAMETER;
+      }
+     =20
+      //
+      // Allow the IPv6 with prefix case, e.g. 2000:aaaa::10/24=20
+      //
+      if (Index =3D=3D 14 && !NET_IS_HEX (*Ip6Str) && *Ip6Str !=3D '/') {
+        return EFI_INVALID_PARAMETER;
+      }
+     =20
       Ip6Str++;
     }
=20
     if ((*Ip6Str =3D=3D '\0') && (Index !=3D 14)) {
       return EFI_INVALID_PARAMETER;
--
1.9.5.msysgit.1