MdeModulePkg/DxeHttpLib: Fix the incorrect return status if URI port is invalid

Cc: Zhang Lubo <lubo.zhang@intel.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>

MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c

@@ -692,6 +692,7 @@ HttpUrlGetPort (
 {
   CHAR8         *PortString;
   EFI_STATUS    Status;
+  UINTN         Index;
   UINTN         Data;
   UINT32        ResultLength;
   HTTP_URL_PARSER      *Parser;
@@ -700,6 +701,9 @@ HttpUrlGetPort (
     return EFI_INVALID_PARAMETER;
   }
 
+  *Port = 0;
+  Index = 0;
+
   Parser = (HTTP_URL_PARSER*) UrlParser;
 
   if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_PORT)) == 0) {
@@ -723,8 +727,19 @@ HttpUrlGetPort (
 
   PortString[ResultLength] = '\0';
 
+  while (Index < ResultLength) {
+    if (!NET_IS_DIGIT (PortString[Index])) {
+      return EFI_INVALID_PARAMETER;
+    }
+    Index ++;
+  }
+
   Status =  AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset, (CHAR8 **) NULL, &Data);
 
+  if (Data > HTTP_URI_PORT_MAX_NUM || Data < HTTP_URI_PORT_MIN_NUM) {
+    return EFI_INVALID_PARAMETER;
+  }
+
   *Port = (UINT16) Data;
   return Status;
 }

MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.h

@@ -1,7 +1,7 @@
 /** @file
 Header file for HttpLib.
 
-  Copyright (c) 2016, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2016 - 2017, Intel Corporation. All rights reserved.<BR>
   (C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>
 
   This program and the accompanying materials
@@ -50,6 +50,9 @@ Header file for HttpLib.
 #define   HTTP_URI_FIELD_PORT             7
 #define   HTTP_URI_FIELD_MAX              8
 
+#define   HTTP_URI_PORT_MIN_NUM           0
+#define   HTTP_URI_PORT_MAX_NUM           65535
+
 //
 // Structure to store the parse result of a HTTP URL.
 //