From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <lersek@redhat.com>
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id 4E61E81EAB
 for <edk2-devel@ml01.01.org>; Fri, 11 Nov 2016 04:42:38 -0800 (PST)
Received: from int-mx11.intmail.prod.int.phx2.redhat.com
 (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by mx1.redhat.com (Postfix) with ESMTPS id C443910799;
 Fri, 11 Nov 2016 12:42:41 +0000 (UTC)
Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-102.phx2.redhat.com
 [10.3.116.102])
 by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id
 uABCgdYl027955; Fri, 11 Nov 2016 07:42:40 -0500
To: Jiaxin Wu <jiaxin.wu@intel.com>, edk2-devel@ml01.01.org
References: <1478841521-232036-1-git-send-email-jiaxin.wu@intel.com>
 <1478841521-232036-2-git-send-email-jiaxin.wu@intel.com>
Cc: Ye Ting <ting.ye@intel.com>, Fu Siyuan <siyuan.fu@intel.com>,
 Santhapur Naveen <naveens@amiindia.co.in>
From: Laszlo Ersek <lersek@redhat.com>
Message-ID: <c665c82a-efaa-2e32-7f3d-9fb1b39d4719@redhat.com>
Date: Fri, 11 Nov 2016 13:42:39 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101
 Thunderbird/45.4.0
MIME-Version: 1.0
In-Reply-To: <1478841521-232036-2-git-send-email-jiaxin.wu@intel.com>
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
 (mx1.redhat.com [10.5.110.28]); Fri, 11 Nov 2016 12:42:41 +0000 (UTC)
Subject: Re: [PATCH v2 1/2] MdeModulePkg/Ip4Dxe: Add wrong/invalid subnet check
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Nov 2016 12:42:38 -0000
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit

On 11/11/16 06:18, Jiaxin Wu wrote:
> v2:
> * Separate out the return status fix.
> * Replace IP4_MASK_MAX with IP4_MASK_MAX.
> * Remove the ON_EXIT label.
> 
> This patch is used to add the wrong/invalid subnet check.
> 
> Cc: Santhapur Naveen <naveens@amiindia.co.in>
> Cc: Laszlo Ersek <lersek@redhat.com>
> Cc: Ye Ting <ting.ye@intel.com>
> Cc: Fu Siyuan <siyuan.fu@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
> ---
>  MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c | 10 +++++++---
>  MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c          |  8 +++++---
>  2 files changed, 12 insertions(+), 6 deletions(-)
> 
> diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> index a931bb3..5b01b35 100644
> --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
> @@ -1253,10 +1253,17 @@ Ip4Config2SetMaunualAddress (
>      return EFI_WRITE_PROTECTED;
>    }
>  
>    NewAddress = *((EFI_IP4_CONFIG2_MANUAL_ADDRESS *) Data);
>  
> +  StationAddress = EFI_NTOHL (NewAddress.Address);
> +  SubnetMask = EFI_NTOHL (NewAddress.SubnetMask);
> +
> +  if (NetGetMaskLength (SubnetMask) == IP4_MASK_NUM) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
>    //
>    // Store the new data, and init the DataItem status to EFI_NOT_READY because
>    // we may have an asynchronous configuration process.
>    //
>    Ptr = AllocateCopyPool (DataSize, Data);
> @@ -1271,13 +1278,10 @@ Ip4Config2SetMaunualAddress (
>    
>    DataItem->Data.Ptr = Ptr;
>    DataItem->DataSize = DataSize;
>    DataItem->Status   = EFI_NOT_READY;
>  
> -  StationAddress = EFI_NTOHL (NewAddress.Address);
> -  SubnetMask = EFI_NTOHL (NewAddress.SubnetMask);
> -
>    IpSb->Reconfig = TRUE;
>    Status = Ip4Config2SetDefaultAddr (IpSb, StationAddress, SubnetMask);
>    if (EFI_ERROR (Status)) {
>      goto ON_EXIT;
>    }  
> diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> index 9cd5dd5..b0cc6a3 100644
> --- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> +++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
> @@ -562,10 +562,15 @@ Ip4SetAddress (
>    EFI_STATUS                Status;
>    INTN                      Len;
>  
>    NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE);
>  
> +  Len = NetGetMaskLength (SubnetMask);
> +  if (Len == IP4_MASK_NUM) {
> +    return EFI_INVALID_PARAMETER;
> +  }
> +
>    //
>    // Set the ip/netmask, then compute the subnet broadcast
>    // and network broadcast for easy access. When computing
>    // nework broadcast, the subnet mask is most like longer
>    // than the default netmask (not subneted) as defined in
> @@ -573,13 +578,10 @@ Ip4SetAddress (
>    // networks, use the subnet's mask instead.
>    //
>    Interface->Ip             = IpAddr;
>    Interface->SubnetMask     = SubnetMask;
>    Interface->SubnetBrdcast  = (IpAddr | ~SubnetMask);
> -
> -  Len                       = NetGetMaskLength (SubnetMask);
> -  ASSERT (Len <= IP4_MASK_MAX);
>    Interface->NetBrdcast     = (IpAddr | ~SubnetMask);
>  
>    //
>    // Do clean up for Arp child
>    //
> 

Reviewed-by: Laszlo Ersek <lersek@redhat.com>