X-Git-Url: https://git.proxmox.com/?a=blobdiff_plain;f=MdeModulePkg%2FLibrary%2FDxeHttpLib%2FDxeHttpLib.c;h=505d5c89e9ab2d0b385d15147c58d8675ddb99be;hb=7dec14b78f0b579a17050665832ed95b3ac4b53e;hp=727cc428f480e815801f587d47742c2ed24080d0;hpb=1fed57ab5d6961c43866b98c6ef56e1740373b1c;p=mirror_edk2.git
diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
index 727cc428f4..505d5c89e9 100644
--- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -2,7 +2,7 @@
This library is used to share code between UEFI network stack modules.
It provides the helper routines to parse the HTTP message byte stream.
-Copyright (c) 2015 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2015 - 2017, Intel Corporation. All rights reserved.
(C) Copyright 2016 Hewlett Packard Enterprise Development LP
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -396,7 +396,7 @@ HttpParseUrl (
FoundAt = FALSE;
for (Char = Url; Char < Url + Length; Char++) {
//
- // Update state machine accoring to next char.
+ // Update state machine according to next char.
//
State = NetHttpParseUrlChar (*Char, State);
@@ -523,6 +523,7 @@ HttpUrlGetHostName (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (Name);
return Status;
}
@@ -582,6 +583,7 @@ HttpUrlGetIp4 (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (Ip4String);
return Status;
}
@@ -657,6 +659,7 @@ HttpUrlGetIp6 (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (Ip6String);
return Status;
}
@@ -692,6 +695,8 @@ HttpUrlGetPort (
{
CHAR8 *PortString;
EFI_STATUS Status;
+ UINTN Index;
+ UINTN Data;
UINT32 ResultLength;
HTTP_URL_PARSER *Parser;
@@ -699,6 +704,9 @@ HttpUrlGetPort (
return EFI_INVALID_PARAMETER;
}
+ *Port = 0;
+ Index = 0;
+
Parser = (HTTP_URL_PARSER*) UrlParser;
if ((Parser->FieldBitMap & BIT (HTTP_URI_FIELD_PORT)) == 0) {
@@ -717,13 +725,31 @@ HttpUrlGetPort (
&ResultLength
);
if (EFI_ERROR (Status)) {
- return Status;
+ goto ON_EXIT;
}
PortString[ResultLength] = '\0';
- *Port = (UINT16) AsciiStrDecimalToUintn (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset);
- return EFI_SUCCESS;
+ while (Index < ResultLength) {
+ if (!NET_IS_DIGIT (PortString[Index])) {
+ Status = EFI_INVALID_PARAMETER;
+ goto ON_EXIT;
+ }
+ Index ++;
+ }
+
+ Status = AsciiStrDecimalToUintnS (Url + Parser->FieldData[HTTP_URI_FIELD_PORT].Offset, (CHAR8 **) NULL, &Data);
+
+ if (Data > HTTP_URI_PORT_MAX_NUM) {
+ Status = EFI_INVALID_PARAMETER;
+ goto ON_EXIT;
+ }
+
+ *Port = (UINT16) Data;
+
+ON_EXIT:
+ FreePool (PortString);
+ return Status;
}
/**
@@ -777,6 +803,7 @@ HttpUrlGetPath (
&ResultLength
);
if (EFI_ERROR (Status)) {
+ FreePool (PathStr);
return Status;
}
@@ -932,8 +959,7 @@ HttpIoParseContentLengthHeader (
return EFI_NOT_FOUND;
}
- *ContentLength = AsciiStrDecimalToUintn (Header->FieldValue);
- return EFI_SUCCESS;
+ return AsciiStrDecimalToUintnS (Header->FieldValue, (CHAR8 **) NULL, ContentLength);
}
/**
@@ -1430,10 +1456,10 @@ HttpFreeMsgParser (
/**
- Get the next string, which is distinguished by specified seperator.
+ Get the next string, which is distinguished by specified separator.
@param[in] String Pointer to the string.
- @param[in] Seperator Specified seperator used to distinguish where is the beginning
+ @param[in] Separator Specified separator used to distinguish where is the beginning
of next string.
@return Pointer to the next string.
@@ -1444,7 +1470,7 @@ CHAR8 *
EFIAPI
AsciiStrGetNextToken (
IN CONST CHAR8 *String,
- IN CHAR8 Seperator
+ IN CHAR8 Separator
)
{
CONST CHAR8 *Token;
@@ -1454,7 +1480,7 @@ AsciiStrGetNextToken (
if (*Token == 0) {
return NULL;
}
- if (*Token == Seperator) {
+ if (*Token == Separator) {
return (CHAR8 *)(Token + 1);
}
Token++;
@@ -1917,6 +1943,8 @@ HttpMappingToStatusCode (
return HTTP_STATUS_305_USE_PROXY;
case 307:
return HTTP_STATUS_307_TEMPORARY_REDIRECT;
+ case 308:
+ return HTTP_STATUS_308_PERMANENT_REDIRECT;
case 400:
return HTTP_STATUS_400_BAD_REQUEST;
case 401: