tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/NetworkPkg/DnsDxe
History
Jiaxin Wu 84110bbe4b NetworkPkg/DnsDxe: [CVE-2018-12178] Check the received packet size before parsing the message. 
Fix CVE-2018-12178
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=809

The DNS driver only checks the received packet size against the
minimum DNS header size in DnsOnPacketReceived(), later it accesses
the QueryName and QuerySection beyond the header scope, which might
cause the pointer within DNS driver points to an invalid entry or
modifies the memory content beyond the header scope.

This patch is to fix above problem.

Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
 		2019-02-28 08:39:16 +08:00
..
ComponentName.c NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsDhcp.c NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsDhcp.h NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsDriver.c NetworkPkg/DnsDxe: Remove unnecessary NULL pointer check. 2019-01-23 08:46:50 +08:00
DnsDriver.h NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsDxe.inf NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsDxe.uni NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsDxeExtra.uni NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
DnsImpl.c NetworkPkg/DnsDxe: [CVE-2018-12178] Check the received packet size before parsing the message. 2019-02-28 08:39:16 +08:00
DnsImpl.h NetworkPkg/DnsDxe: [CVE-2018-12178] Check the received packet size before parsing the message. 2019-02-28 08:39:16 +08:00
DnsProtocol.c NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00