Add pointer check for NULL before dereference it.

Signed-off-by: sfu5
Reviewed-by: xdu2
Reviewed-by: ydong10


git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12514 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
sfu5 2011-10-08 02:55:30 +00:00
parent 4bc6ad3935
commit 02a758cb0b
9 changed files with 211 additions and 37 deletions

View File

@ -2446,9 +2446,7 @@ InternalHiiGrowOpCodeHandle (
OpCodeBuffer->BufferSize + (Size + HII_LIB_OPCODE_ALLOCATION_SIZE), OpCodeBuffer->BufferSize + (Size + HII_LIB_OPCODE_ALLOCATION_SIZE),
OpCodeBuffer->Buffer OpCodeBuffer->Buffer
); );
if (Buffer == NULL) { ASSERT (Buffer != NULL);
return NULL;
}
OpCodeBuffer->Buffer = Buffer; OpCodeBuffer->Buffer = Buffer;
OpCodeBuffer->BufferSize += (Size + HII_LIB_OPCODE_ALLOCATION_SIZE); OpCodeBuffer->BufferSize += (Size + HII_LIB_OPCODE_ALLOCATION_SIZE);
} }

View File

@ -1497,13 +1497,16 @@ Ip6ProcessNeighborSolicit (
goto Exit; goto Exit;
} else { } else {
OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH); OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);
Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL); if (OptionLen != 0) {
Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);
ASSERT (Option != NULL);
// //
// All included options should have a length that is greater than zero. // All included options should have a length that is greater than zero.
// //
if (!Ip6IsNDOptionValid (Option, OptionLen)) { if (!Ip6IsNDOptionValid (Option, OptionLen)) {
goto Exit; goto Exit;
}
} }
} }
@ -1733,13 +1736,16 @@ Ip6ProcessNeighborAdvertise (
goto Exit; goto Exit;
} else { } else {
OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH); OptionLen = (UINT16) (Head->PayloadLength - IP6_ND_LENGTH);
Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL); if (OptionLen != 0) {
Option = NetbufGetByte (Packet, IP6_ND_LENGTH, NULL);
ASSERT (Option != NULL);
// //
// All included options should have a length that is greater than zero. // All included options should have a length that is greater than zero.
// //
if (!Ip6IsNDOptionValid (Option, OptionLen)) { if (!Ip6IsNDOptionValid (Option, OptionLen)) {
goto Exit; goto Exit;
}
} }
} }
@ -1982,10 +1988,13 @@ Ip6ProcessRouterAdvertise (
// All included options have a length that is greater than zero. // All included options have a length that is greater than zero.
// //
OptionLen = (UINT16) (Head->PayloadLength - IP6_RA_LENGTH); OptionLen = (UINT16) (Head->PayloadLength - IP6_RA_LENGTH);
Option = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL); if (OptionLen != 0) {
Option = NetbufGetByte (Packet, IP6_RA_LENGTH, NULL);
ASSERT (Option != NULL);
if (!Ip6IsNDOptionValid (Option, OptionLen)) { if (!Ip6IsNDOptionValid (Option, OptionLen)) {
goto Exit; goto Exit;
}
} }
// //
@ -2428,10 +2437,13 @@ Ip6ProcessRedirect (
// All included options have a length that is greater than zero. // All included options have a length that is greater than zero.
// //
OptionLen = (UINT16) (Head->PayloadLength - IP6_REDITECT_LENGTH); OptionLen = (UINT16) (Head->PayloadLength - IP6_REDITECT_LENGTH);
Option = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL); if (OptionLen != 0) {
Option = NetbufGetByte (Packet, IP6_REDITECT_LENGTH, NULL);
ASSERT (Option != NULL);
if (!Ip6IsNDOptionValid (Option, OptionLen)) { if (!Ip6IsNDOptionValid (Option, OptionLen)) {
goto Exit; goto Exit;
}
} }
Target = (EFI_IPv6_ADDRESS *) (Icmp + 1); Target = (EFI_IPv6_ADDRESS *) (Icmp + 1);

View File

@ -1,7 +1,7 @@
/** @file /** @file
The implementation of Payloads Creation. The implementation of Payloads Creation.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR> Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
@ -311,6 +311,9 @@ Ikev2GenerateCertIdPayload (
&CertSubject, &CertSubject,
&SubjectSize &SubjectSize
); );
if (SubjectSize != 0) {
ASSERT (CertSubject != NULL);
}
IdSize = sizeof (IKEV2_ID) + SubjectSize; IdSize = sizeof (IKEV2_ID) + SubjectSize;
@ -757,7 +760,7 @@ Ikev2CertGenerateAuthPayload (
&SigSize &SigSize
); );
if (SigSize == 0) { if (SigSize == 0 || Signature == NULL) {
goto EXIT; goto EXIT;
} }
} }
@ -1231,6 +1234,10 @@ Ikev2GenerateDeletePayload (
// +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ // +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
// //
SpiBufSize = (UINT16) (SpiSize * SpiNum); SpiBufSize = (UINT16) (SpiSize * SpiNum);
if (SpiBufSize != 0 && SpiBuf == NULL) {
return NULL;
}
DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize); DelPayloadLen = (UINT16) (sizeof (IKEV2_DELETE) + SpiBufSize);
Del = AllocateZeroPool (DelPayloadLen); Del = AllocateZeroPool (DelPayloadLen);
@ -1498,6 +1505,9 @@ Ikev2GenerateCertificatePayload (
Fragment[0].DataSize = PublicKeyLen; Fragment[0].DataSize = PublicKeyLen;
HashDataSize = IpSecGetHmacDigestLength (IKE_AALG_SHA1HMAC); HashDataSize = IpSecGetHmacDigestLength (IKE_AALG_SHA1HMAC);
HashData = AllocateZeroPool (HashDataSize); HashData = AllocateZeroPool (HashDataSize);
if (HashData == NULL) {
goto ON_EXIT;
}
Status = IpSecCryptoIoHash ( Status = IpSecCryptoIoHash (
IKE_AALG_SHA1HMAC, IKE_AALG_SHA1HMAC,
@ -2289,6 +2299,10 @@ Ikev2DecodePacket (
IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon); IkeSaSession = IKEV2_SA_SESSION_FROM_COMMON (SessionCommon);
if (SessionCommon->IsInitiator) { if (SessionCommon->IsInitiator) {
IkeSaSession->RespPacket = AllocateZeroPool (IkePacket->Header->Length); IkeSaSession->RespPacket = AllocateZeroPool (IkePacket->Header->Length);
if (IkeSaSession->RespPacket == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->RespPacketSize = IkePacket->Header->Length; IkeSaSession->RespPacketSize = IkePacket->Header->Length;
CopyMem (IkeSaSession->RespPacket, IkeHeader, sizeof (IKE_HEADER)); CopyMem (IkeSaSession->RespPacket, IkeHeader, sizeof (IKE_HEADER));
CopyMem ( CopyMem (
@ -2298,6 +2312,10 @@ Ikev2DecodePacket (
); );
} else { } else {
IkeSaSession->InitPacket = AllocateZeroPool (IkePacket->Header->Length); IkeSaSession->InitPacket = AllocateZeroPool (IkePacket->Header->Length);
if (IkeSaSession->InitPacket == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->InitPacketSize = IkePacket->Header->Length; IkeSaSession->InitPacketSize = IkePacket->Header->Length;
CopyMem (IkeSaSession->InitPacket, IkeHeader, sizeof (IKE_HEADER)); CopyMem (IkeSaSession->InitPacket, IkeHeader, sizeof (IKE_HEADER));
CopyMem ( CopyMem (
@ -2766,6 +2784,8 @@ Ikev2EncryptPacket (
UINTN CryptKeyLength; UINTN CryptKeyLength;
HASH_DATA_FRAGMENT Fragments[1]; HASH_DATA_FRAGMENT Fragments[1];
Status = EFI_SUCCESS;
// //
// Initial all buffers to NULL. // Initial all buffers to NULL.
// //
@ -2827,6 +2847,10 @@ Ikev2EncryptPacket (
// //
IvSize = CryptBlockSize; IvSize = CryptBlockSize;
IvBuffer = (UINT8 *) AllocateZeroPool (IvSize); IvBuffer = (UINT8 *) AllocateZeroPool (IvSize);
if (IvBuffer == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
// //
// Generate IV // Generate IV
@ -2892,6 +2916,10 @@ Ikev2EncryptPacket (
IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_ENCRYPT; IkePacket->Header->NextPayload = IKEV2_PAYLOAD_TYPE_ENCRYPT;
IntegrityBuf = AllocateZeroPool (IkePacket->Header->Length); IntegrityBuf = AllocateZeroPool (IkePacket->Header->Length);
if (IntegrityBuf == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
IntegrityBufSize = IkePacket->Header->Length; IntegrityBufSize = IkePacket->Header->Length;
IkeHdrHostToNet (IkePacket->Header); IkeHdrHostToNet (IkePacket->Header);
@ -2905,6 +2933,10 @@ Ikev2EncryptPacket (
Fragments[0].DataSize = EncryptPayloadSize + sizeof (IKE_HEADER) - CheckSumSize; Fragments[0].DataSize = EncryptPayloadSize + sizeof (IKE_HEADER) - CheckSumSize;
CheckSumData = AllocateZeroPool (CheckSumSize); CheckSumData = AllocateZeroPool (CheckSumSize);
if (CheckSumData == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
if (SessionCommon->IsInitiator) { if (SessionCommon->IsInitiator) {
IpSecCryptoIoHmac ( IpSecCryptoIoHmac (

View File

@ -1496,6 +1496,7 @@ Ikev2GenerateSaKeys (
Digest = NULL; Digest = NULL;
OutputKey = NULL; OutputKey = NULL;
KeyBuffer = NULL; KeyBuffer = NULL;
Status = EFI_SUCCESS;
// //
// Generate Gxy // Generate Gxy
@ -1581,6 +1582,10 @@ Ikev2GenerateSaKeys (
2 * AuthAlgKeyLen + 2 * AuthAlgKeyLen +
2 * IntegrityAlgKeyLen; 2 * IntegrityAlgKeyLen;
OutputKey = AllocateZeroPool (OutputKeyLength); OutputKey = AllocateZeroPool (OutputKeyLength);
if (OutputKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
// //
// Generate Seven Keymates. // Generate Seven Keymates.
@ -1603,6 +1608,10 @@ Ikev2GenerateSaKeys (
// First, SK_d // First, SK_d
// //
IkeSaSession->IkeKeys->SkdKey = AllocateZeroPool (PrfAlgKeyLen); IkeSaSession->IkeKeys->SkdKey = AllocateZeroPool (PrfAlgKeyLen);
if (IkeSaSession->IkeKeys->SkdKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkdKeySize = PrfAlgKeyLen; IkeSaSession->IkeKeys->SkdKeySize = PrfAlgKeyLen;
CopyMem (IkeSaSession->IkeKeys->SkdKey, OutputKey, PrfAlgKeyLen); CopyMem (IkeSaSession->IkeKeys->SkdKey, OutputKey, PrfAlgKeyLen);
@ -1612,6 +1621,10 @@ Ikev2GenerateSaKeys (
// Second, Sk_ai // Second, Sk_ai
// //
IkeSaSession->IkeKeys->SkAiKey = AllocateZeroPool (IntegrityAlgKeyLen); IkeSaSession->IkeKeys->SkAiKey = AllocateZeroPool (IntegrityAlgKeyLen);
if (IkeSaSession->IkeKeys->SkAiKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkAiKeySize = IntegrityAlgKeyLen; IkeSaSession->IkeKeys->SkAiKeySize = IntegrityAlgKeyLen;
CopyMem (IkeSaSession->IkeKeys->SkAiKey, OutputKey + PrfAlgKeyLen, IntegrityAlgKeyLen); CopyMem (IkeSaSession->IkeKeys->SkAiKey, OutputKey + PrfAlgKeyLen, IntegrityAlgKeyLen);
@ -1621,6 +1634,10 @@ Ikev2GenerateSaKeys (
// Third, Sk_ar // Third, Sk_ar
// //
IkeSaSession->IkeKeys->SkArKey = AllocateZeroPool (IntegrityAlgKeyLen); IkeSaSession->IkeKeys->SkArKey = AllocateZeroPool (IntegrityAlgKeyLen);
if (IkeSaSession->IkeKeys->SkArKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkArKeySize = IntegrityAlgKeyLen; IkeSaSession->IkeKeys->SkArKeySize = IntegrityAlgKeyLen;
CopyMem ( CopyMem (
IkeSaSession->IkeKeys->SkArKey, IkeSaSession->IkeKeys->SkArKey,
@ -1634,6 +1651,10 @@ Ikev2GenerateSaKeys (
// Fourth, Sk_ei // Fourth, Sk_ei
// //
IkeSaSession->IkeKeys->SkEiKey = AllocateZeroPool (EncryptAlgKeyLen); IkeSaSession->IkeKeys->SkEiKey = AllocateZeroPool (EncryptAlgKeyLen);
if (IkeSaSession->IkeKeys->SkEiKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkEiKeySize = EncryptAlgKeyLen; IkeSaSession->IkeKeys->SkEiKeySize = EncryptAlgKeyLen;
CopyMem ( CopyMem (
@ -1651,6 +1672,10 @@ Ikev2GenerateSaKeys (
// Fifth, Sk_er // Fifth, Sk_er
// //
IkeSaSession->IkeKeys->SkErKey = AllocateZeroPool (EncryptAlgKeyLen); IkeSaSession->IkeKeys->SkErKey = AllocateZeroPool (EncryptAlgKeyLen);
if (IkeSaSession->IkeKeys->SkErKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkErKeySize = EncryptAlgKeyLen; IkeSaSession->IkeKeys->SkErKeySize = EncryptAlgKeyLen;
CopyMem ( CopyMem (
@ -1668,6 +1693,10 @@ Ikev2GenerateSaKeys (
// Sixth, Sk_pi // Sixth, Sk_pi
// //
IkeSaSession->IkeKeys->SkPiKey = AllocateZeroPool (AuthAlgKeyLen); IkeSaSession->IkeKeys->SkPiKey = AllocateZeroPool (AuthAlgKeyLen);
if (IkeSaSession->IkeKeys->SkPiKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkPiKeySize = AuthAlgKeyLen; IkeSaSession->IkeKeys->SkPiKeySize = AuthAlgKeyLen;
CopyMem ( CopyMem (
@ -1685,6 +1714,10 @@ Ikev2GenerateSaKeys (
// Seventh, Sk_pr // Seventh, Sk_pr
// //
IkeSaSession->IkeKeys->SkPrKey = AllocateZeroPool (AuthAlgKeyLen); IkeSaSession->IkeKeys->SkPrKey = AllocateZeroPool (AuthAlgKeyLen);
if (IkeSaSession->IkeKeys->SkPrKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
IkeSaSession->IkeKeys->SkPrKeySize = AuthAlgKeyLen; IkeSaSession->IkeKeys->SkPrKeySize = AuthAlgKeyLen;
CopyMem ( CopyMem (
@ -1709,6 +1742,31 @@ Exit:
if (OutputKey != NULL) { if (OutputKey != NULL) {
FreePool (OutputKey); FreePool (OutputKey);
} }
if (EFI_ERROR(Status)) {
if (IkeSaSession->IkeKeys->SkdKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkdKey);
}
if (IkeSaSession->IkeKeys->SkAiKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkAiKey);
}
if (IkeSaSession->IkeKeys->SkArKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkArKey);
}
if (IkeSaSession->IkeKeys->SkEiKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkEiKey);
}
if (IkeSaSession->IkeKeys->SkErKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkErKey);
}
if (IkeSaSession->IkeKeys->SkPiKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkPiKey);
}
if (IkeSaSession->IkeKeys->SkPrKey != NULL) {
FreePool (IkeSaSession->IkeKeys->SkPrKey);
}
}
return Status; return Status;
} }
@ -1737,6 +1795,9 @@ Ikev2GenerateChildSaKeys (
UINT8* OutputKey; UINT8* OutputKey;
UINTN OutputKeyLength; UINTN OutputKeyLength;
Status = EFI_SUCCESS;
OutputKey = NULL;
if (KePayload != NULL) { if (KePayload != NULL) {
// //
// Generate Gxy // Generate Gxy
@ -1760,7 +1821,8 @@ Ikev2GenerateChildSaKeys (
OutputKeyLength = 2 * EncryptAlgKeyLen + 2 * IntegrityAlgKeyLen; OutputKeyLength = 2 * EncryptAlgKeyLen + 2 * IntegrityAlgKeyLen;
if ((EncryptAlgKeyLen == 0) || (IntegrityAlgKeyLen == 0)) { if ((EncryptAlgKeyLen == 0) || (IntegrityAlgKeyLen == 0)) {
return EFI_UNSUPPORTED; Status = EFI_UNSUPPORTED;
goto Exit;
} }
// //
@ -1769,6 +1831,10 @@ Ikev2GenerateChildSaKeys (
// otherwise, KEYMAT = prf+(SK_d, Ni | Nr ) // otherwise, KEYMAT = prf+(SK_d, Ni | Nr )
// //
OutputKey = AllocateZeroPool (OutputKeyLength); OutputKey = AllocateZeroPool (OutputKeyLength);
if (OutputKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
// //
// Derive Key from the SkdKey Buffer. // Derive Key from the SkdKey Buffer.
@ -1784,8 +1850,7 @@ Ikev2GenerateChildSaKeys (
); );
if (EFI_ERROR (Status)) { if (EFI_ERROR (Status)) {
FreePool (OutputKey); goto Exit;
return Status;
} }
// //
@ -1800,6 +1865,10 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);
if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey, ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,
@ -1813,7 +1882,11 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);
if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey, ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,
OutputKey + EncryptAlgKeyLen, OutputKey + EncryptAlgKeyLen,
@ -1826,7 +1899,11 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);
if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey, ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,
OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen, OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,
@ -1839,6 +1916,10 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);
if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey, ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,
@ -1852,7 +1933,11 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);
if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey, ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey,
OutputKey, OutputKey,
@ -1865,7 +1950,11 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);
if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey, ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey,
OutputKey + EncryptAlgKeyLen, OutputKey + EncryptAlgKeyLen,
@ -1878,7 +1967,11 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncAlgoId = (UINT8)SaParams->EncAlgId;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKeyLength = EncryptAlgKeyLen;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen); ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey = AllocateZeroPool (EncryptAlgKeyLen);
if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey, ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey,
OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen, OutputKey + EncryptAlgKeyLen + IntegrityAlgKeyLen,
@ -1891,7 +1984,11 @@ Ikev2GenerateChildSaKeys (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthAlgoId = (UINT8)SaParams->IntegAlgId;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen; ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKeyLength = IntegrityAlgKeyLen;
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen); ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey = AllocateZeroPool (IntegrityAlgKeyLen);
if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
CopyMem ( CopyMem (
ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey, ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey,
OutputKey + 2 * EncryptAlgKeyLen + IntegrityAlgKeyLen, OutputKey + 2 * EncryptAlgKeyLen + IntegrityAlgKeyLen,
@ -1920,7 +2017,27 @@ Ikev2GenerateChildSaKeys (
IntegrityAlgKeyLen IntegrityAlgKeyLen
); );
FreePool (OutputKey);
Exit:
if (EFI_ERROR (Status)) {
if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey != NULL) {
FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.EncKey);
}
if (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey != NULL) {
FreePool (ChildSaSession->ChildKeymats.LocalPeerInfo.EspAlgoInfo.AuthKey);
}
if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey != NULL) {
FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.EncKey);
}
if (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey != NULL) {
FreePool (ChildSaSession->ChildKeymats.RemotePeerInfo.EspAlgoInfo.AuthKey);
}
}
if (OutputKey != NULL) {
FreePool (OutputKey);
}
return EFI_SUCCESS; return EFI_SUCCESS;
} }

View File

@ -1,7 +1,7 @@
/** @file /** @file
The Common operations used by IKE Exchange Process. The Common operations used by IKE Exchange Process.
Copyright (c) 2010, Intel Corporation. All rights reserved.<BR> Copyright (c) 2010 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
@ -947,6 +947,7 @@ Ikev2ChildSaSilentDelete (
// //
IsRemoteFound = TRUE; IsRemoteFound = TRUE;
RemoteSelector = AllocateZeroPool (SelectorSize); RemoteSelector = AllocateZeroPool (SelectorSize);
ASSERT (RemoteSelector != NULL);
CopyMem (RemoteSelector, Selector, SelectorSize); CopyMem (RemoteSelector, Selector, SelectorSize);
} }
@ -957,6 +958,7 @@ Ikev2ChildSaSilentDelete (
// //
IsLocalFound = TRUE; IsLocalFound = TRUE;
LocalSelector = AllocateZeroPool (SelectorSize); LocalSelector = AllocateZeroPool (SelectorSize);
ASSERT (LocalSelector != NULL);
CopyMem (LocalSelector, Selector, SelectorSize); CopyMem (LocalSelector, Selector, SelectorSize);
} }
} }

View File

@ -1,7 +1,7 @@
/** @file /** @file
The implementation of IPSEC_CONFIG_PROTOCOL. The implementation of IPSEC_CONFIG_PROTOCOL.
Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR> Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
@ -2196,6 +2196,10 @@ IpSecGetVariable (
VariableNameISizeNew, VariableNameISizeNew,
VariableNameI VariableNameI
); );
if (VariableNameI == NULL) {
Status = EFI_OUT_OF_RESOURCES;
break;
}
VariableNameISize = VariableNameISizeNew; VariableNameISize = VariableNameISizeNew;
Status = gRT->GetNextVariableName ( Status = gRT->GetNextVariableName (
@ -2272,7 +2276,9 @@ IpSecGetVariable (
} }
ON_EXIT: ON_EXIT:
FreePool (VariableNameI); if (VariableNameI != NULL) {
FreePool (VariableNameI);
}
return Status; return Status;
} }
@ -2700,7 +2706,7 @@ IpSecCopyPolicyEntry (
Buffer->Capacity += EntrySize; Buffer->Capacity += EntrySize;
TempPoint = AllocatePool (Buffer->Capacity); TempPoint = AllocatePool (Buffer->Capacity);
if (Buffer->Ptr == NULL) { if (TempPoint == NULL) {
return EFI_OUT_OF_RESOURCES; return EFI_OUT_OF_RESOURCES;
} }
// //

View File

@ -1237,6 +1237,7 @@ IpSecTunnelOutboundPacket (
); );
} else { } else {
InnerHead = AllocateZeroPool (sizeof (EFI_IP6_HEADER) + *OptionsLength); InnerHead = AllocateZeroPool (sizeof (EFI_IP6_HEADER) + *OptionsLength);
ASSERT (InnerHead != NULL);
CopyMem ( CopyMem (
InnerHead, InnerHead,
IpHead, IpHead,

View File

@ -765,6 +765,9 @@ StrnCatGrowLeft (
} else { } else {
*Destination = AllocateZeroPool(Count+sizeof(CHAR16)); *Destination = AllocateZeroPool(Count+sizeof(CHAR16));
} }
if (*Destination == NULL) {
return NULL;
}
CopySize = StrSize(*Destination); CopySize = StrSize(*Destination);
CopyMem((*Destination)+((Count-2)/sizeof(CHAR16)), *Destination, CopySize); CopyMem((*Destination)+((Count-2)/sizeof(CHAR16)), *Destination, CopySize);

View File

@ -1933,6 +1933,9 @@ InternalCommandLineParse (
// initialize the linked list // initialize the linked list
// //
*CheckPackage = (LIST_ENTRY*)AllocateZeroPool(sizeof(LIST_ENTRY)); *CheckPackage = (LIST_ENTRY*)AllocateZeroPool(sizeof(LIST_ENTRY));
if (*CheckPackage == NULL) {
return EFI_OUT_OF_RESOURCES;
}
InitializeListHead(*CheckPackage); InitializeListHead(*CheckPackage);
// //