audk/NetworkPkg/HttpUtilitiesDxe
Li, Songpeng 130e629284 NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow.
The input param String of AsciiStrStr() requires a pointer to
 Null-terminated string, however in HttpUtilitiesParse(),
 the Buffersize before AllocateZeroPool() is equal to the size
 of TCP header, after the CopyMem(), it might not end with
 Null-terminator. It might cause memory access overflow.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wu Jiaxin <jiaxin.wu@intel.com>
Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Songpeng Li <songpeng.li@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
2018-09-29 10:51:37 +08:00
..
HttpUtilitiesDxe.c
HttpUtilitiesDxe.h
HttpUtilitiesDxe.inf
HttpUtilitiesDxe.uni
HttpUtilitiesDxeExtra.uni
HttpUtilitiesProtocol.c