audk/NetworkPkg/HttpUtilitiesDxe
Li, Songpeng 130e629284 NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow.
The input param String of AsciiStrStr() requires a pointer to
 Null-terminated string, however in HttpUtilitiesParse(),
 the Buffersize before AllocateZeroPool() is equal to the size
 of TCP header, after the CopyMem(), it might not end with
 Null-terminator. It might cause memory access overflow.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-09-29 10:51:37 +08:00
..
HttpUtilitiesDxe.c NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
HttpUtilitiesDxe.h
HttpUtilitiesDxe.inf
HttpUtilitiesDxe.uni NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
HttpUtilitiesDxeExtra.uni NetworkPkg: Clean up source files 2018-06-28 11:19:49 +08:00
HttpUtilitiesProtocol.c NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow. 2018-09-29 10:51:37 +08:00