From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 8A81681D72 for ; Thu, 10 Nov 2016 19:30:05 -0800 (PST) Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga104.fm.intel.com with ESMTP; 10 Nov 2016 19:30:08 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.31,620,1473145200"; d="scan'208";a="29985958" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by fmsmga006.fm.intel.com with ESMTP; 10 Nov 2016 19:30:09 -0800 Received: from shsmsx152.ccr.corp.intel.com (10.239.6.52) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.248.2; Thu, 10 Nov 2016 19:30:08 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.96]) by SHSMSX152.ccr.corp.intel.com ([169.254.6.138]) with mapi id 14.03.0248.002; Fri, 11 Nov 2016 11:30:06 +0800 From: "Wu, Jiaxin" To: Laszlo Ersek , "edk2-devel@ml01.01.org" CC: Santhapur Naveen , "Ye, Ting" , "Fu, Siyuan" Thread-Topic: [Patch] MdeModulePkg: Add wrong/invalid subnet check Thread-Index: AQHSOzODGA7z+whZYk6zWvnUhmRxlaDTIHOw Date: Fri, 11 Nov 2016 03:30:06 +0000 Message-ID: <895558F6EA4E3B41AC93A00D163B7274138B0EBF@SHSMSX103.ccr.corp.intel.com> References: <1478767547-188092-1-git-send-email-jiaxin.wu@intel.com> <75dd4410-77ec-39e5-3370-5fbb81f65914@redhat.com> In-Reply-To: <75dd4410-77ec-39e5-3370-5fbb81f65914@redhat.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiNDhhMjZhMWQtMjdhZi00ZjdkLWE1M2MtNWNiNDAzYTRiODZhIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IjNhdURSRVBnNjY2UTQ4OTNaNUFIVTUwXC9ZaDZuQk5LSWFJV1EzNnhleDJvPSJ9 x-ctpclassification: CTP_IC x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [Patch] MdeModulePkg: Add wrong/invalid subnet check X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Nov 2016 03:30:05 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Thanks Laszlo, your suggestions make sense. Best Regards! Jiaxin > -----Original Message----- > From: Laszlo Ersek [mailto:lersek@redhat.com] > Sent: Thursday, November 10, 2016 5:19 PM > To: Wu, Jiaxin ; edk2-devel@ml01.01.org > Cc: Santhapur Naveen ; Ye, Ting > ; Fu, Siyuan > Subject: Re: [Patch] MdeModulePkg: Add wrong/invalid subnet check >=20 > I have a few comments: >=20 > On 11/10/16 09:45, Jiaxin Wu wrote: > > This patch is used to add the wrong/invalid subnet check. > > Meanwhile, correct the the return status. >=20 > (1) I propose to split this patch into three patches, with the following > subjects: >=20 > MdeModulePkg/Ip4Dxe: Catch invalid subnet early in manual setting > MdeModulePkg/Ip4Dxe: Fix error path return status > MdeModulePkg/Ip4Dxe: Catch invalid subnet in Ip4SetAddress() helper >=20 > In this structuring, patch #1 would be actually redundant; patch #3 would > handle that case automatically. But, we can keep all three if you wish. >=20 > > > > Cc: Santhapur Naveen > > Cc: Laszlo Ersek > > Cc: Ye Ting > > Cc: Fu Siyuan > > Contributed-under: TianoCore Contribution Agreement 1.0 > > Signed-off-by: Jiaxin Wu > > --- > > MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 18 > +++++++++++------- > > MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c | 8 +++++--- > > 2 files changed, 16 insertions(+), 10 deletions(-) > > > > diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > > b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > > index a931bb3..672a092 100644 > > --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > > +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c > > @@ -1253,10 +1253,17 @@ Ip4Config2SetMaunualAddress ( > > return EFI_WRITE_PROTECTED; > > } > > > > NewAddress =3D *((EFI_IP4_CONFIG2_MANUAL_ADDRESS *) Data); > > > > + StationAddress =3D EFI_NTOHL (NewAddress.Address); SubnetMask =3D > > + EFI_NTOHL (NewAddress.SubnetMask); > > + > > + if (NetGetMaskLength (SubnetMask) > IP4_MASK_MAX) { > > + return EFI_INVALID_PARAMETER; > > + } > > + > > // > > // Store the new data, and init the DataItem status to EFI_NOT_READY > because > > // we may have an asynchronous configuration process. > > // > > Ptr =3D AllocateCopyPool (DataSize, Data); @@ -1271,30 +1278,27 @@ > > Ip4Config2SetMaunualAddress ( > > > > DataItem->Data.Ptr =3D Ptr; > > DataItem->DataSize =3D DataSize; > > DataItem->Status =3D EFI_NOT_READY; > > > > - StationAddress =3D EFI_NTOHL (NewAddress.Address); > > - SubnetMask =3D EFI_NTOHL (NewAddress.SubnetMask); > > - >=20 > (2) This part looks good to me, but for stylistic reasons, I recommend re= placing >=20 > > IP4_MASK_MAX >=20 > with >=20 > =3D=3D IP4_MASK_NUM >=20 > The reason is that the leading comment on NetGetMaskLength() documents > IP4_MASK_NUM as the error value: >=20 > @return The length of the netmask, IP4_MASK_NUM if the mask is invalid. >=20 > Okay, so this is where patch #2 should start: >=20 > > IpSb->Reconfig =3D TRUE; > > Status =3D Ip4Config2SetDefaultAddr (IpSb, StationAddress, SubnetMas= k); > > if (EFI_ERROR (Status)) { > > goto ON_EXIT; > > } > > > > - DataItem->Status =3D EFI_SUCCESS; > > - > > ON_EXIT: > > - if (EFI_ERROR (DataItem->Status)) { > > + DataItem->Status =3D Status; > > + > > + if (EFI_ERROR (DataItem->Status) && DataItem->Status !=3D > > + EFI_NOT_READY) { > > if (Ptr !=3D NULL) { > > FreePool (Ptr); > > } > > DataItem->Data.Ptr =3D NULL; > > } > > > > - return EFI_SUCCESS; > > + return Status; > > } > > > > /** > > The work function is to set the gateway addresses manually for the E= FI IPv4 > > network stack that is running on the communication device that this > > EFI IPv4 >=20 > (3) This looks good (with your explanation in the bugzilla), except you c= ould > remove the ON_EXIT label too, with the referring goto statement as well. = There > is nothing left between the (sole) jump to ON_EXIT, and ON_EXIT itself, s= o the > goto is useless. >=20 > This is where the third patch should start: >=20 > > diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > > b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > > index 9cd5dd5..7550a13 100644 > > --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > > +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c > > @@ -562,10 +562,15 @@ Ip4SetAddress ( > > EFI_STATUS Status; > > INTN Len; > > > > NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE); > > > > + Len =3D NetGetMaskLength (SubnetMask); if (Len > IP4_MASK_MAX) { > > + return EFI_INVALID_PARAMETER; > > + } > > + >=20 > (4) Same comment as (2), about IP4_MASK_NUM. >=20 > > // > > // Set the ip/netmask, then compute the subnet broadcast > > // and network broadcast for easy access. When computing > > // nework broadcast, the subnet mask is most like longer > > // than the default netmask (not subneted) as defined in @@ -573,13 > > +578,10 @@ Ip4SetAddress ( > > // networks, use the subnet's mask instead. > > // > > Interface->Ip =3D IpAddr; > > Interface->SubnetMask =3D SubnetMask; > > Interface->SubnetBrdcast =3D (IpAddr | ~SubnetMask); > > - > > - Len =3D NetGetMaskLength (SubnetMask); > > - ASSERT (Len <=3D IP4_MASK_MAX); > > Interface->NetBrdcast =3D (IpAddr | ~SubnetMask); > > > > // > > // Do clean up for Arp child > > // > > >=20 > Thanks! > Laszlo