This library is used to share code between UEFI network stack modules.\r
It provides the helper routines to parse the HTTP message byte stream.\r
\r
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2015 - 2019, Intel Corporation. All rights reserved.<BR>\r
(C) Copyright 2016 Hewlett Packard Enterprise Development LP<BR>\r
-This program and the accompanying materials\r
-are licensed and made available under the terms and conditions of the BSD License\r
-which accompanies this distribution. The full text of the license may be found at<BR>\r
-http://opensource.org/licenses/bsd-license.php\r
-\r
-THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,\r
-WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.\r
+SPDX-License-Identifier: BSD-2-Clause-Patent\r
\r
**/\r
\r
\r
/**\r
Decode a percent-encoded URI component to the ASCII character.\r
- \r
- Decode the input component in Buffer according to RFC 3986. The caller is responsible to make \r
+\r
+ Decode the input component in Buffer according to RFC 3986. The caller is responsible to make\r
sure ResultBuffer points to a buffer with size equal or greater than ((AsciiStrSize (Buffer))\r
- in bytes. \r
+ in bytes.\r
\r
@param[in] Buffer The pointer to a percent-encoded URI component.\r
@param[in] BufferLength Length of Buffer in bytes.\r
\r
@retval EFI_SUCCESS Successfully decoded the URI.\r
@retval EFI_INVALID_PARAMETER Buffer is not a valid percent-encoded string.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
if (Buffer == NULL || BufferLength == 0 || ResultBuffer == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
- \r
+\r
Index = 0;\r
Offset = 0;\r
HexStr[2] = '\0';\r
while (Index < BufferLength) {\r
if (Buffer[Index] == '%') {\r
- if (!NET_IS_HEX_CHAR (Buffer[Index+1]) || !NET_IS_HEX_CHAR (Buffer[Index+2])) {\r
+ if (Index + 1 >= BufferLength || Index + 2 >= BufferLength ||\r
+ !NET_IS_HEX_CHAR (Buffer[Index+1]) || !NET_IS_HEX_CHAR (Buffer[Index+2])) {\r
return EFI_INVALID_PARAMETER;\r
}\r
HexStr[0] = Buffer[Index+1];\r
}\r
\r
*ResultLength = (UINT32) Offset;\r
- \r
+\r
return EFI_SUCCESS;\r
}\r
\r
\r
@param[in] Char Next character.\r
@param[in] State Current value of the parser state machine.\r
- @param[in] IsRightBracket TRUE if there is an sign ']' in the authority component and \r
- indicates the next part is ':' before Port. \r
+ @param[in] IsRightBracket TRUE if there is an sign ']' in the authority component and\r
+ indicates the next part is ':' before Port.\r
\r
@return Updated state value.\r
**/\r
break;\r
\r
case UrlParserHost:\r
- case UrlParserHostStart: \r
+ case UrlParserHostStart:\r
if (Char == '[') {\r
return UrlParserHostIpv6;\r
}\r
- \r
+\r
if (Char == ':') {\r
return UrlParserPortStart;\r
}\r
- \r
+\r
return UrlParserHost;\r
- \r
- case UrlParserHostIpv6: \r
+\r
+ case UrlParserHostIpv6:\r
if (Char == ']') {\r
*IsRightBracket = TRUE;\r
}\r
- \r
+\r
if (Char == ':' && *IsRightBracket) {\r
return UrlParserPortStart;\r
}\r
return UrlParserHostIpv6;\r
- \r
+\r
case UrlParserPort:\r
case UrlParserPortStart:\r
return UrlParserPort;\r
@param[in, out] UrlParser Pointer to the buffer of the parse result.\r
\r
@retval EFI_SUCCESS Successfully parse the authority.\r
- @retval Other Error happened.\r
+ @retval EFI_INVALID_PARAMETER The Url is invalid to parse the authority component.\r
\r
**/\r
EFI_STATUS\r
UINT32 Field;\r
UINT32 OldField;\r
BOOLEAN IsrightBracket;\r
- \r
+\r
ASSERT ((UrlParser->FieldBitMap & BIT (HTTP_URI_FIELD_AUTHORITY)) != 0);\r
\r
//\r
case UrlParserUserInfo:\r
Field = HTTP_URI_FIELD_USERINFO;\r
break;\r
- \r
+\r
case UrlParserHost:\r
Field = HTTP_URI_FIELD_HOST;\r
break;\r
case UrlParserHostIpv6:\r
Field = HTTP_URI_FIELD_HOST;\r
break;\r
- \r
+\r
case UrlParserPort:\r
Field = HTTP_URI_FIELD_PORT;\r
break;\r
if (Char == ' ' || Char == '\r' || Char == '\n') {\r
return UrlParserStateMax;\r
}\r
- \r
+\r
//\r
// http_URL = "http:" "//" host [ ":" port ] [ abs_path [ "?" query ]]\r
- // \r
+ //\r
// Request-URI = "*" | absolute-URI | path-absolute | authority\r
- // \r
+ //\r
// absolute-URI = scheme ":" hier-part [ "?" query ]\r
// path-absolute = "/" [ segment-nz *( "/" segment ) ]\r
// authority = [ userinfo "@" ] host [ ":" port ]\r
\r
case UrlParserFragmentStart:\r
return UrlParserFragment;\r
- \r
+\r
default:\r
break;\r
}\r
BOOLEAN FoundAt;\r
EFI_STATUS Status;\r
HTTP_URL_PARSER *Parser;\r
- \r
+\r
+ Parser = NULL;\r
+\r
if (Url == NULL || Length == 0 || UrlParser == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
if (Parser == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
- \r
+\r
if (IsConnectMethod) {\r
//\r
// According to RFC 2616, the authority form is only used by the CONNECT method.\r
FoundAt = FALSE;\r
for (Char = Url; Char < Url + Length; Char++) {\r
//\r
- // Update state machine accoring to next char.\r
+ // Update state machine according to next char.\r
//\r
State = NetHttpParseUrlChar (*Char, State);\r
\r
switch (State) {\r
case UrlParserStateMax:\r
+ FreePool (Parser);\r
return EFI_INVALID_PARAMETER;\r
- \r
+\r
case UrlParserSchemeColon:\r
case UrlParserSchemeColonSlash:\r
case UrlParserSchemeColonSlashSlash:\r
// Skip all the delimiting char: "://" "?" "@"\r
//\r
continue;\r
- \r
+\r
case UrlParserScheme:\r
Field = HTTP_URI_FIELD_SCHEME;\r
break;\r
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_AUTHORITY)) != 0) {\r
Status = NetHttpParseAuthority (Url, FoundAt, Parser);\r
if (EFI_ERROR (Status)) {\r
+ FreePool (Parser);\r
return Status;\r
}\r
}\r
\r
*UrlParser = Parser;\r
- return EFI_SUCCESS; \r
+ return EFI_SUCCESS;\r
}\r
\r
/**\r
@retval EFI_INVALID_PARAMETER Uri is NULL or HostName is NULL or UrlParser is invalid.\r
@retval EFI_NOT_FOUND No hostName component in the URL.\r
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_URL_PARSER*) UrlParser;\r
+ Parser = (HTTP_URL_PARSER *) UrlParser;\r
\r
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_HOST)) == 0) {\r
return EFI_NOT_FOUND;\r
if (Name == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
- \r
+\r
Status = UriPercentDecode (\r
Url + Parser->FieldData[HTTP_URI_FIELD_HOST].Offset,\r
Parser->FieldData[HTTP_URI_FIELD_HOST].Length,\r
&ResultLength\r
);\r
if (EFI_ERROR (Status)) {\r
+ FreePool (Name);\r
return Status;\r
}\r
\r
@retval EFI_INVALID_PARAMETER Uri is NULL or Ip4Address is NULL or UrlParser is invalid.\r
@retval EFI_NOT_FOUND No IPv4 address component in the URL.\r
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
EFI_STATUS Status;\r
UINT32 ResultLength;\r
HTTP_URL_PARSER *Parser;\r
- \r
+\r
if (Url == NULL || UrlParser == NULL || Ip4Address == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_URL_PARSER*) UrlParser;\r
+ Parser = (HTTP_URL_PARSER *) UrlParser;\r
\r
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_HOST)) == 0) {\r
- return EFI_INVALID_PARAMETER;\r
+ return EFI_NOT_FOUND;\r
}\r
\r
Ip4String = AllocatePool (Parser->FieldData[HTTP_URI_FIELD_HOST].Length + 1);\r
if (Ip4String == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
- \r
+\r
Status = UriPercentDecode (\r
Url + Parser->FieldData[HTTP_URI_FIELD_HOST].Offset,\r
Parser->FieldData[HTTP_URI_FIELD_HOST].Length,\r
&ResultLength\r
);\r
if (EFI_ERROR (Status)) {\r
+ FreePool (Ip4String);\r
return Status;\r
}\r
\r
@retval EFI_INVALID_PARAMETER Uri is NULL or Ip6Address is NULL or UrlParser is invalid.\r
@retval EFI_NOT_FOUND No IPv6 address component in the URL.\r
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
EFI_STATUS Status;\r
UINT32 ResultLength;\r
HTTP_URL_PARSER *Parser;\r
- \r
+\r
if (Url == NULL || UrlParser == NULL || Ip6Address == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_URL_PARSER*) UrlParser;\r
+ Parser = (HTTP_URL_PARSER *) UrlParser;\r
\r
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_HOST)) == 0) {\r
- return EFI_INVALID_PARAMETER;\r
+ return EFI_NOT_FOUND;\r
}\r
\r
//\r
if (Ip6String == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
- \r
+\r
Status = UriPercentDecode (\r
Ptr + 1,\r
Length - 2,\r
&ResultLength\r
);\r
if (EFI_ERROR (Status)) {\r
+ FreePool (Ip6String);\r
return Status;\r
}\r
- \r
+\r
Ip6String[ResultLength] = '\0';\r
Status = NetLibAsciiStrToIp6 (Ip6String, Ip6Address);\r
FreePool (Ip6String);\r
@retval EFI_INVALID_PARAMETER Uri is NULL or Port is NULL or UrlParser is invalid.\r
@retval EFI_NOT_FOUND No port number in the URL.\r
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
OUT UINT16 *Port\r
)\r
{\r
- CHAR8 *PortString;\r
- EFI_STATUS Status;\r
- UINT32 ResultLength;\r
+ CHAR8 *PortString;\r
+ EFI_STATUS Status;\r
+ UINTN Index;\r
+ UINTN Data;\r
+ UINT32 ResultLength;\r
HTTP_URL_PARSER *Parser;\r
\r
if (Url == NULL || UrlParser == NULL || Port == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_URL_PARSER*) UrlParser;\r
+ *Port = 0;\r
+ Index = 0;\r
+\r
+ Parser = (HTTP_URL_PARSER *) UrlParser;\r
\r
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_PORT)) == 0) {\r
- return EFI_INVALID_PARAMETER;\r
+ return EFI_NOT_FOUND;\r
}\r
\r
PortString = AllocatePool (Parser->FieldData[HTTP_URI_FIELD_PORT].Length + 1);\r
&ResultLength\r
);\r
if (EFI_ERROR (Status)) {\r
- return Status;\r
+ goto ON_EXIT;\r
}\r
\r
PortString[ResultLength] = '\0';\r
- *Port = (UINT16) AsciiStrDecimalToUintn (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset);\r
\r
- return EFI_SUCCESS;\r
+ while (Index < ResultLength) {\r
+ if (!NET_IS_DIGIT (PortString[Index])) {\r
+ Status = EFI_INVALID_PARAMETER;\r
+ goto ON_EXIT;\r
+ }\r
+ Index ++;\r
+ }\r
+\r
+ Status = AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset, (CHAR8 **) NULL, &Data);\r
+\r
+ if (Data > HTTP_URI_PORT_MAX_NUM) {\r
+ Status = EFI_INVALID_PARAMETER;\r
+ goto ON_EXIT;\r
+ }\r
+\r
+ *Port = (UINT16) Data;\r
+\r
+ON_EXIT:\r
+ FreePool (PortString);\r
+ return Status;\r
}\r
\r
/**\r
@retval EFI_INVALID_PARAMETER Uri is NULL or HostName is NULL or UrlParser is invalid.\r
@retval EFI_NOT_FOUND No hostName component in the URL.\r
@retval EFI_OUT_OF_RESOURCES Could not allocate needed resources.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_URL_PARSER*) UrlParser;\r
+ Parser = (HTTP_URL_PARSER *) UrlParser;\r
\r
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_PATH)) == 0) {\r
return EFI_NOT_FOUND;\r
if (PathStr == NULL) {\r
return EFI_OUT_OF_RESOURCES;\r
}\r
- \r
+\r
Status = UriPercentDecode (\r
Url + Parser->FieldData[HTTP_URI_FIELD_PATH].Offset,\r
Parser->FieldData[HTTP_URI_FIELD_PATH].Length,\r
&ResultLength\r
);\r
if (EFI_ERROR (Status)) {\r
+ FreePool (PathStr);\r
return Status;\r
}\r
\r
Release the resource of the URL parser.\r
\r
@param[in] UrlParser Pointer to the parser.\r
- \r
+\r
**/\r
VOID\r
EFIAPI\r
/**\r
Find a specified header field according to the field name.\r
\r
- @param[in] HeaderCount Number of HTTP header structures in Headers list. \r
+ @param[in] HeaderCount Number of HTTP header structures in Headers list.\r
@param[in] Headers Array containing list of HTTP headers.\r
- @param[in] FieldName Null terminated string which describes a field name. \r
+ @param[in] FieldName Null terminated string which describes a field name.\r
\r
@return Pointer to the found header or NULL.\r
\r
UINTN CurrentChunkParsedSize;\r
} HTTP_BODY_PARSER;\r
\r
-/**\r
-\r
- Convert an Ascii char to its uppercase.\r
-\r
- @param[in] Char Ascii character.\r
-\r
- @return Uppercase value of the input Char.\r
-\r
-**/\r
-CHAR8\r
-HttpIoCharToUpper (\r
- IN CHAR8 Char\r
- )\r
-{\r
- if (Char >= 'a' && Char <= 'z') {\r
- return Char - ('a' - 'A');\r
- }\r
-\r
- return Char;\r
-}\r
-\r
/**\r
Convert an hexadecimal char to a value of type UINTN.\r
\r
return Char - '0';\r
}\r
\r
- return (10 + HttpIoCharToUpper (Char) - 'A');\r
+ return (10 + AsciiCharToUpper (Char) - 'A');\r
}\r
\r
/**\r
return EFI_NOT_FOUND;\r
}\r
\r
- *ContentLength = AsciiStrDecimalToUintn (Header->FieldValue);\r
- return EFI_SUCCESS;\r
+ return AsciiStrDecimalToUintnS (Header->FieldValue, (CHAR8 **) NULL, ContentLength);\r
}\r
\r
/**\r
@param[in] Headers Array containing list of HTTP headers.\r
\r
@return The message is "chunked" transfer-coding (TRUE) or not (FALSE).\r
- \r
+\r
**/\r
BOOLEAN\r
HttpIoIsChunked (\r
{\r
EFI_STATUS Status;\r
HTTP_BODY_PARSER *Parser;\r
- \r
+\r
if (HeaderCount != 0 && Headers == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
}\r
\r
Parser->State = BodyParserBodyStart;\r
- \r
+\r
//\r
// Determine the message length according to RFC 2616.\r
// 1. Check whether the message "MUST NOT" have a message-body.\r
// 4. Range header is not supported now, so we won't meet media type "multipart/byteranges".\r
// 5. By server closing the connection\r
//\r
- \r
+\r
//\r
// Set state to skip body parser if the message shouldn't have a message body.\r
//\r
\r
@retval EFI_SUCCESS Successfully parse the message-body.\r
@retval EFI_INVALID_PARAMETER MsgParser is NULL or Body is NULL or BodyLength is 0.\r
- @retval Others Operation aborted.\r
+ @retval EFI_ABORTED Operation aborted.\r
+ @retval Other Error happened while parsing message body.\r
\r
**/\r
EFI_STATUS\r
UINTN LengthForCallback;\r
EFI_STATUS Status;\r
HTTP_BODY_PARSER *Parser;\r
- \r
+\r
if (BodyLength == 0 || Body == NULL) {\r
return EFI_INVALID_PARAMETER;\r
}\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_BODY_PARSER*) MsgParser;\r
+ Parser = (HTTP_BODY_PARSER *) MsgParser;\r
\r
if (Parser->IgnoreBody) {\r
Parser->State = BodyParserComplete;\r
if (Parser->Callback != NULL) {\r
Status = Parser->Callback (\r
- BodyParseEventOnComplete,\r
- Body,\r
- 0,\r
- Parser->Context\r
- );\r
+ BodyParseEventOnComplete,\r
+ Body,\r
+ 0,\r
+ Parser->Context\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
switch (Parser->State) {\r
case BodyParserStateMax:\r
return EFI_ABORTED;\r
- \r
+\r
case BodyParserBodyIdentity:\r
//\r
// Identity transfer-coding, just notify user to save the body data.\r
//\r
if (Parser->Callback != NULL) {\r
Status = Parser->Callback (\r
- BodyParseEventOnData,\r
- Char,\r
- MIN (BodyLength, Parser->ContentLength - Parser->ParsedBodyLength),\r
- Parser->Context\r
- );\r
+ BodyParseEventOnData,\r
+ Char,\r
+ MIN (BodyLength, Parser->ContentLength - Parser->ParsedBodyLength),\r
+ Parser->Context\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
Parser->State = BodyParserComplete;\r
if (Parser->Callback != NULL) {\r
Status = Parser->Callback (\r
- BodyParseEventOnComplete,\r
- Char,\r
- 0,\r
- Parser->Context\r
- );\r
+ BodyParseEventOnComplete,\r
+ Char,\r
+ 0,\r
+ Parser->Context\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
}\r
Char++;\r
break;\r
- \r
+\r
case BodyParserChunkSizeEndCR:\r
if (*Char != '\n') {\r
Parser->State = BodyParserStateMax;\r
Char++;\r
if (Parser->CurrentChunkSize == 0) {\r
//\r
- // The last chunk has been parsed and now assumed the state \r
+ // The last chunk has been parsed and now assumed the state\r
// of HttpBodyParse is ParserLastCRLF. So it need to decide\r
// whether the rest message is trailer or last CRLF in the next round.\r
//\r
Parser->State = BodyParserChunkDataStart;\r
Parser->CurrentChunkParsedSize = 0;\r
break;\r
- \r
+\r
case BodyParserLastCRLF:\r
//\r
- // Judge the byte is belong to the Last CRLF or trailer, and then \r
+ // Judge the byte is belong to the Last CRLF or trailer, and then\r
// configure the state of HttpBodyParse to corresponding state.\r
//\r
if (*Char == '\r') {\r
Parser->State = BodyParserTrailer;\r
break;\r
}\r
- \r
+\r
case BodyParserLastCRLFEnd:\r
if (*Char == '\n') {\r
Parser->State = BodyParserComplete;\r
Char++;\r
if (Parser->Callback != NULL) {\r
Status = Parser->Callback (\r
- BodyParseEventOnComplete,\r
- Char,\r
- 0,\r
- Parser->Context\r
- );\r
+ BodyParseEventOnComplete,\r
+ Char,\r
+ 0,\r
+ Parser->Context\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
Parser->State = BodyParserStateMax;\r
break;\r
}\r
- \r
+\r
case BodyParserTrailer:\r
if (*Char == '\r') {\r
Parser->State = BodyParserChunkSizeEndCR;\r
}\r
Char++;\r
- break; \r
+ break;\r
\r
case BodyParserChunkDataStart:\r
//\r
LengthForCallback = MIN (Parser->CurrentChunkSize - Parser->CurrentChunkParsedSize, RemainderLengthInThis);\r
if (Parser->Callback != NULL) {\r
Status = Parser->Callback (\r
- BodyParseEventOnData,\r
- Char,\r
- LengthForCallback,\r
- Parser->Context\r
- );\r
+ BodyParseEventOnData,\r
+ Char,\r
+ LengthForCallback,\r
+ Parser->Context\r
+ );\r
if (EFI_ERROR (Status)) {\r
return Status;\r
}\r
Parser->CurrentChunkParsedSize += LengthForCallback;\r
if (Parser->CurrentChunkParsedSize == Parser->CurrentChunkSize) {\r
Parser->State = BodyParserChunkDataEnd;\r
- } \r
+ }\r
break;\r
\r
case BodyParserChunkDataEnd:\r
}\r
Char++;\r
Parser->State = BodyParserChunkSizeStart;\r
- break; \r
+ break;\r
\r
default:\r
break;\r
{\r
HTTP_BODY_PARSER *Parser;\r
\r
- Parser = (HTTP_BODY_PARSER*) MsgParser;\r
+ if (MsgParser == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
+ Parser = (HTTP_BODY_PARSER *) MsgParser;\r
\r
if (Parser->State == BodyParserComplete) {\r
return TRUE;\r
@retval EFI_SUCCESS Successfully to get the entity length.\r
@retval EFI_NOT_READY Entity length is not valid yet.\r
@retval EFI_INVALID_PARAMETER MsgParser is NULL or ContentLength is NULL.\r
- \r
+\r
**/\r
EFI_STATUS\r
EFIAPI\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- Parser = (HTTP_BODY_PARSER*) MsgParser;\r
+ Parser = (HTTP_BODY_PARSER *) MsgParser;\r
\r
if (!Parser->ContentLengthIsValid) {\r
return EFI_NOT_READY;\r
Release the resource of the message parser.\r
\r
@param[in] MsgParser Pointer to the message parser.\r
- \r
+\r
**/\r
VOID\r
EFIAPI\r
\r
\r
/**\r
- Get the next string, which is distinguished by specified seperator.\r
+ Get the next string, which is distinguished by specified separator.\r
\r
@param[in] String Pointer to the string.\r
- @param[in] Seperator Specified seperator used to distinguish where is the beginning\r
+ @param[in] Separator Specified separator used to distinguish where is the beginning\r
of next string.\r
\r
@return Pointer to the next string.\r
\r
**/\r
CHAR8 *\r
-EFIAPI\r
AsciiStrGetNextToken (\r
IN CONST CHAR8 *String,\r
- IN CHAR8 Seperator\r
+ IN CHAR8 Separator\r
)\r
{\r
CONST CHAR8 *Token;\r
if (*Token == 0) {\r
return NULL;\r
}\r
- if (*Token == Seperator) {\r
+ if (*Token == Separator) {\r
return (CHAR8 *)(Token + 1);\r
}\r
Token++;\r
\r
\r
@retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully.\r
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.\r
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources.\r
\r
**/\r
UINTN FieldNameSize;\r
UINTN FieldValueSize;\r
\r
+ if (HttpHeader == NULL || FieldName == NULL || FieldValue == NULL) {\r
+ return EFI_INVALID_PARAMETER;\r
+ }\r
+\r
if (HttpHeader->FieldName != NULL) {\r
FreePool (HttpHeader->FieldName);\r
}\r
FieldValueSize = AsciiStrSize (FieldValue);\r
HttpHeader->FieldValue = AllocateZeroPool (FieldValueSize);\r
if (HttpHeader->FieldValue == NULL) {\r
+ FreePool (HttpHeader->FieldName);\r
return EFI_OUT_OF_RESOURCES;\r
}\r
CopyMem (HttpHeader->FieldValue, FieldValue, FieldValueSize);\r
CHAR8 *FieldNameStr;\r
CHAR8 *FieldValueStr;\r
CHAR8 *StrPtr;\r
+ CHAR8 *EndofHeader;\r
\r
if (String == NULL || FieldName == NULL || FieldValue == NULL) {\r
return NULL;\r
FieldNameStr = NULL;\r
FieldValueStr = NULL;\r
StrPtr = NULL;\r
+ EndofHeader = NULL;\r
+\r
+\r
+ //\r
+ // Check whether the raw HTTP header string is valid or not.\r
+ //\r
+ EndofHeader = AsciiStrStr (String, "\r\n\r\n");\r
+ if (EndofHeader == NULL) {\r
+ return NULL;\r
+ }\r
\r
//\r
// Each header field consists of a name followed by a colon (":") and the field value.\r
+ // The field value MAY be preceded by any amount of LWS, though a single SP is preferred.\r
+ //\r
+ // message-header = field-name ":" [ field-value ]\r
+ // field-name = token\r
+ // field-value = *( field-content | LWS )\r
+ //\r
+ // Note: "*(element)" allows any number element, including zero; "1*(element)" requires at least one element.\r
+ // [element] means element is optional.\r
+ // LWS = [CRLF] 1*(SP|HT), it can be ' ' or '\t' or '\r\n ' or '\r\n\t'.\r
+ // CRLF = '\r\n'.\r
+ // SP = ' '.\r
+ // HT = '\t' (Tab).\r
//\r
FieldNameStr = String;\r
FieldValueStr = AsciiStrGetNextToken (FieldNameStr, ':');\r
}\r
\r
//\r
- // Replace ':' with 0\r
+ // Replace ':' with 0, then FieldName has been retrived from String.\r
//\r
*(FieldValueStr - 1) = 0;\r
\r
//\r
- // The field value MAY be preceded by any amount of LWS, though a single SP is preferred.\r
+ // Handle FieldValueStr, skip all the preceded LWS.\r
//\r
while (TRUE) {\r
if (*FieldValueStr == ' ' || *FieldValueStr == '\t') {\r
+ //\r
+ // Boundary condition check.\r
+ //\r
+ if ((UINTN) EndofHeader - (UINTN) FieldValueStr < 1) {\r
+ //\r
+ // Wrong String format!\r
+ //\r
+ return NULL;\r
+ }\r
+\r
FieldValueStr ++;\r
- } else if (*FieldValueStr == '\r' && *(FieldValueStr + 1) == '\n' &&\r
- (*(FieldValueStr + 2) == ' ' || *(FieldValueStr + 2) == '\t')) {\r
- FieldValueStr = FieldValueStr + 3;\r
+ } else if (*FieldValueStr == '\r') {\r
+ //\r
+ // Boundary condition check.\r
+ //\r
+ if ((UINTN) EndofHeader - (UINTN) FieldValueStr < 3) {\r
+ //\r
+ // No more preceded LWS, so break here.\r
+ //\r
+ break;\r
+ }\r
+\r
+ if (*(FieldValueStr + 1) == '\n' ) {\r
+ if (*(FieldValueStr + 2) == ' ' || *(FieldValueStr + 2) == '\t') {\r
+ FieldValueStr = FieldValueStr + 3;\r
+ } else {\r
+ //\r
+ // No more preceded LWS, so break here.\r
+ //\r
+ break;\r
+ }\r
+ } else {\r
+ //\r
+ // Wrong String format!\r
+ //\r
+ return NULL;\r
+ }\r
} else {\r
+ //\r
+ // No more preceded LWS, so break here.\r
+ //\r
break;\r
}\r
}\r
\r
- //\r
- // Header fields can be extended over multiple lines by preceding each extra\r
- // line with at least one SP or HT.\r
- //\r
StrPtr = FieldValueStr;\r
do {\r
+ //\r
+ // Handle the LWS within the field value.\r
+ //\r
StrPtr = AsciiStrGetNextToken (StrPtr, '\r');\r
if (StrPtr == NULL || *StrPtr != '\n') {\r
+ //\r
+ // Wrong String format!\r
+ //\r
return NULL;\r
}\r
\r
NULL if any error occured.\r
@param[out] RequestMsgSize Size of the RequestMsg (in bytes).\r
\r
- @return EFI_SUCCESS If HTTP request string was created successfully\r
+ @retval EFI_SUCCESS If HTTP request string was created successfully.\r
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources.\r
- @retval EFI_INVALID_PARAMETER The input arguments are invalid\r
+ @retval EFI_INVALID_PARAMETER The input arguments are invalid.\r
\r
**/\r
EFI_STATUS\r
UINTN Index;\r
EFI_HTTP_UTILITIES_PROTOCOL *HttpUtilitiesProtocol;\r
\r
-\r
- ASSERT (Message != NULL);\r
-\r
- *RequestMsg = NULL;\r
- MsgSize = 0;\r
- Success = FALSE;\r
- HttpHdr = NULL;\r
- AppendList = NULL;\r
+ Status = EFI_SUCCESS;\r
+ HttpHdrSize = 0;\r
+ MsgSize = 0;\r
+ Success = FALSE;\r
+ HttpHdr = NULL;\r
+ AppendList = NULL;\r
HttpUtilitiesProtocol = NULL;\r
\r
//\r
// 3. If we do not have a Request, HeaderCount should be zero\r
// 4. If we do not have Request and Headers, we need at least a message-body\r
//\r
- if ((Message->Data.Request != NULL && Url == NULL) ||\r
+ if ((Message == NULL || RequestMsg == NULL || RequestMsgSize == NULL) ||\r
+ (Message->Data.Request != NULL && Url == NULL) ||\r
(Message->Data.Request != NULL && Message->HeaderCount == 0) ||\r
(Message->Data.Request == NULL && Message->HeaderCount != 0) ||\r
(Message->Data.Request == NULL && Message->HeaderCount == 0 && Message->BodyLength == 0)) {\r
Status = gBS->LocateProtocol (\r
&gEfiHttpUtilitiesProtocolGuid,\r
NULL,\r
- (VOID **)&HttpUtilitiesProtocol\r
+ (VOID **) &HttpUtilitiesProtocol\r
);\r
\r
if (EFI_ERROR (Status)) {\r
// Build raw HTTP Headers\r
//\r
Status = HttpUtilitiesProtocol->Build (\r
- HttpUtilitiesProtocol,\r
- 0,\r
- NULL,\r
- 0,\r
- NULL,\r
- Message->HeaderCount,\r
- AppendList,\r
- &HttpHdrSize,\r
- &HttpHdr\r
- );\r
-\r
- if (AppendList != NULL) {\r
- FreePool (AppendList);\r
- }\r
+ HttpUtilitiesProtocol,\r
+ 0,\r
+ NULL,\r
+ 0,\r
+ NULL,\r
+ Message->HeaderCount,\r
+ AppendList,\r
+ &HttpHdrSize,\r
+ &HttpHdr\r
+ );\r
+\r
+ FreePool (AppendList);\r
\r
if (EFI_ERROR (Status) || HttpHdr == NULL){\r
return Status;\r
//\r
// memory for the string that needs to be sent to TCP\r
//\r
+ *RequestMsg = NULL;\r
*RequestMsg = AllocateZeroPool (MsgSize);\r
if (*RequestMsg == NULL) {\r
Status = EFI_OUT_OF_RESOURCES;\r
case 206:\r
return HTTP_STATUS_206_PARTIAL_CONTENT;\r
case 300:\r
- return HTTP_STATUS_300_MULTIPLE_CHIOCES;\r
+ return HTTP_STATUS_300_MULTIPLE_CHOICES;\r
case 301:\r
return HTTP_STATUS_301_MOVED_PERMANENTLY;\r
case 302:\r
return HTTP_STATUS_305_USE_PROXY;\r
case 307:\r
return HTTP_STATUS_307_TEMPORARY_REDIRECT;\r
+ case 308:\r
+ return HTTP_STATUS_308_PERMANENT_REDIRECT;\r
case 400:\r
return HTTP_STATUS_400_BAD_REQUEST;\r
case 401:\r
{\r
UINTN Index;\r
\r
+ if (FieldName == NULL) {\r
+ return FALSE;\r
+ }\r
+\r
for (Index = 0; Index < DeleteCount; Index++) {\r
+ if (DeleteList[Index] == NULL) {\r
+ continue;\r
+ }\r
+\r
if (AsciiStrCmp (FieldName, DeleteList[Index]) == 0) {\r
return FALSE;\r
}\r