X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=MdeModulePkg%2FLibrary%2FDxeHttpLib%2FDxeHttpLib.c;h=292923875f0707430e55245eed88c50499dda0de;hb=df642d70e3966c5265e8992d63e39309ab25db7b;hp=727cc428f480e815801f587d47742c2ed24080d0;hpb=1fed57ab5d6961c43866b98c6ef56e1740373b1c;p=mirror_edk2.git
diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
index 727cc428f4..292923875f 100644
--- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -2,7 +2,7 @@
This library is used to share code between UEFI network stack modules.
It provides the helper routines to parse the HTTP message byte stream.
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
(C) Copyright 2016 Hewlett Packard Enterprise Development LP
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -396,7 +396,7 @@ HttpParseUrl (
FoundAt = FALSE;
for (Char = Url; Char < Url + Length; Char++) {
//
- // Update state machine accoring to next char.
+ // Update state machine according to next char.
//
State = NetHttpParseUrlChar (*Char, State);
@@ -523,6 +523,7 @@ HttpUrlGetHostName (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (Name);
return Status;
}
@@ -582,6 +583,7 @@ HttpUrlGetIp4 (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (Ip4String);
return Status;
}
@@ -657,6 +659,7 @@ HttpUrlGetIp6 (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (Ip6String);
return Status;
}
@@ -692,6 +695,8 @@ HttpUrlGetPort (
{
CHAR8 *PortString;
EFI_STATUS Status;
+ UINTN Index;
+ UINTN Data;
UINT32 ResultLength;
HTTP_URL_PARSER *Parser;
@@ -699,6 +704,9 @@ HttpUrlGetPort (
return EFI_INVALID_PARAMETER;
}
+ *Port = 0;
+ Index = 0;
+
Parser = (HTTP_URL_PARSER*) UrlParser;
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_PORT)) == 0) {
@@ -717,13 +725,31 @@ HttpUrlGetPort (
&ResultLength
);
if (EFI_ERROR (Status)) {
- return Status;
+ goto ON_EXIT;
}
PortString[ResultLength] = '\0';
- *Port = (UINT16) AsciiStrDecimalToUintn (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset);
- return EFI_SUCCESS;
+ while (Index < ResultLength) {
+ if (!NET_IS_DIGIT (PortString[Index])) {
+ Status = EFI_INVALID_PARAMETER;
+ goto ON_EXIT;
+ }
+ Index ++;
+ }
+
+ Status = AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset, (CHAR8 **) NULL, &Data);
+
+ if (Data > HTTP_URI_PORT_MAX_NUM) {
+ Status = EFI_INVALID_PARAMETER;
+ goto ON_EXIT;
+ }
+
+ *Port = (UINT16) Data;
+
+ON_EXIT:
+ FreePool (PortString);
+ return Status;
}
/**
@@ -777,6 +803,7 @@ HttpUrlGetPath (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (PathStr);
return Status;
}
@@ -932,8 +959,7 @@ HttpIoParseContentLengthHeader (
return EFI_NOT_FOUND;
}
- *ContentLength = AsciiStrDecimalToUintn (Header->FieldValue);
- return EFI_SUCCESS;
+ return AsciiStrDecimalToUintnS (Header->FieldValue, (CHAR8 **) NULL, ContentLength);
}
/**
@@ -1430,10 +1456,10 @@ HttpFreeMsgParser (
/**
- Get the next string, which is distinguished by specified seperator.
+ Get the next string, which is distinguished by specified separator.
@param[in] String Pointer to the string.
- @param[in] Seperator Specified seperator used to distinguish where is the beginning
+ @param[in] Separator Specified separator used to distinguish where is the beginning
of next string.
@return Pointer to the next string.
@@ -1444,7 +1470,7 @@ CHAR8 *
EFIAPI
AsciiStrGetNextToken (
IN CONST CHAR8 *String,
- IN CHAR8 Seperator
+ IN CHAR8 Separator
)
{
CONST CHAR8 *Token;
@@ -1454,7 +1480,7 @@ AsciiStrGetNextToken (
if (*Token == 0) {
return NULL;
}
- if (*Token == Seperator) {
+ if (*Token == Separator) {
return (CHAR8 *)(Token + 1);
}
Token++;