tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

MdeModulePkg/DxeHttpLib: Check the input parameters for some APIs. 

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com
This commit is contained in:
Jiaxin Wu 2017-12-25 16:43:37 +08:00
parent f5168b847d
commit 0efeec8e20
2 changed files with 21 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
MdeModulePkg/Include/Library/HttpLib.h
View File

@ -372,6 +372,7 @@ HttpFindHeader (
@retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully. @retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully.
@retval EFI_INVALID_PARAMETER The parameter is invalid.
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
**/ **/

25
MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
View File

@ -1399,6 +1399,10 @@ HttpIsMessageComplete (
{ {
HTTP_BODY_PARSER *Parser; HTTP_BODY_PARSER *Parser;
if (MsgParser == NULL) {
return FALSE;
}
Parser = (HTTP_BODY_PARSER*) MsgParser; Parser = (HTTP_BODY_PARSER*) MsgParser;
if (Parser->State == BodyParserComplete) { if (Parser->State == BodyParserComplete) {
@ -1500,6 +1504,7 @@ AsciiStrGetNextToken (
@retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully. @retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully.
@retval EFI_INVALID_PARAMETER The parameter is invalid.
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources. @retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
**/ **/
@ -1514,6 +1519,10 @@ HttpSetFieldNameAndValue (
UINTN FieldNameSize; UINTN FieldNameSize;
UINTN FieldValueSize; UINTN FieldValueSize;
if (HttpHeader == NULL || FieldName == NULL || FieldValue == NULL) {
return EFI_INVALID_PARAMETER;
}
if (HttpHeader->FieldName != NULL) { if (HttpHeader->FieldName != NULL) {
FreePool (HttpHeader->FieldName); FreePool (HttpHeader->FieldName);
} }
@ -1731,10 +1740,6 @@ HttpGenRequestMessage (
UINTN Index; UINTN Index;
EFI_HTTP_UTILITIES_PROTOCOL *HttpUtilitiesProtocol; EFI_HTTP_UTILITIES_PROTOCOL *HttpUtilitiesProtocol;
ASSERT (Message != NULL);
*RequestMsg = NULL;
Status = EFI_SUCCESS; Status = EFI_SUCCESS;
HttpHdrSize = 0; HttpHdrSize = 0;
MsgSize = 0; MsgSize = 0;
@ -1749,7 +1754,8 @@ HttpGenRequestMessage (
// 3. If we do not have a Request, HeaderCount should be zero // 3. If we do not have a Request, HeaderCount should be zero
// 4. If we do not have Request and Headers, we need at least a message-body // 4. If we do not have Request and Headers, we need at least a message-body
// //
if ((Message->Data.Request != NULL && Url == NULL) || if ((Message == NULL || RequestMsg == NULL || RequestMsgSize == NULL) ||
(Message->Data.Request != NULL && Url == NULL) ||
(Message->Data.Request != NULL && Message->HeaderCount == 0) || (Message->Data.Request != NULL && Message->HeaderCount == 0) ||
(Message->Data.Request == NULL && Message->HeaderCount != 0) || (Message->Data.Request == NULL && Message->HeaderCount != 0) ||
(Message->Data.Request == NULL && Message->HeaderCount == 0 && Message->BodyLength == 0)) { (Message->Data.Request == NULL && Message->HeaderCount == 0 && Message->BodyLength == 0)) {
@ -1830,6 +1836,7 @@ HttpGenRequestMessage (
// //
// memory for the string that needs to be sent to TCP // memory for the string that needs to be sent to TCP
// //
*RequestMsg = NULL;
*RequestMsg = AllocateZeroPool (MsgSize); *RequestMsg = AllocateZeroPool (MsgSize);
if (*RequestMsg == NULL) { if (*RequestMsg == NULL) {
Status = EFI_OUT_OF_RESOURCES; Status = EFI_OUT_OF_RESOURCES;
@ -2055,7 +2062,15 @@ HttpIsValidHttpHeader (
{ {
UINTN Index; UINTN Index;
if (FieldName == NULL) {
return FALSE;
}
for (Index = 0; Index < DeleteCount; Index++) { for (Index = 0; Index < DeleteCount; Index++) {
if (DeleteList[Index] == NULL) {
continue;
}
if (AsciiStrCmp (FieldName, DeleteList[Index]) == 0) { if (AsciiStrCmp (FieldName, DeleteList[Index]) == 0) {
return FALSE; return FALSE;
} }