MdeModulePkg/IpIoLib: Check the input parameters before use them.

[mirror_edk2.git] / MdeModulePkg / Library / DxeIpIoLib / DxeIpIoLib.c

diff --git a/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c b/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
index 9a70e9075d9abe43d2b3691bc36b344aadf838b7..a06c0b6a4752cdea4fb78e20ce6d74006275999e 100644 (file)
--- a/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
+++ b/MdeModulePkg/Library/DxeIpIoLib/DxeIpIoLib.c
@@ -2,7 +2,7 @@
   IpIo Library.\r
 \r
 (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>\r
-Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2005 - 2017, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -129,6 +129,7 @@ IpIoTransmitHandler (
 \r
   @retval       EFI_SUCCESS        The IP child is created and the IP protocol\r
                                    interface is retrieved.\r
+  @retval       EFI_UNSUPPORTED    Upsupported IpVersion.\r
   @retval       Others             The required operation failed.\r
 \r
 **/\r
@@ -206,6 +207,7 @@ IpIoCreateIpChildOpenProtocol (
 \r
   @retval     EFI_SUCCESS         The IP protocol is closed and the relevant IP child\r
                                   is destroyed.\r
+  @retval     EFI_UNSUPPORTED     Upsupported IpVersion.\r
   @retval     Others              The required operation failed.\r
 \r
 **/\r
@@ -234,24 +236,25 @@ IpIoCloseProtocolDestroyIpChild (
   //\r
   // Close the previously openned IP protocol.\r
   //\r
-  gBS->CloseProtocol (\r
-         ChildHandle,\r
-         IpProtocolGuid,\r
-         ImageHandle,\r
-         ControllerHandle\r
-         );\r
+  Status = gBS->CloseProtocol (\r
+                  ChildHandle,\r
+                  IpProtocolGuid,\r
+                  ImageHandle,\r
+                  ControllerHandle\r
+                  );\r
+  if (EFI_ERROR (Status)) {\r
+    return Status;\r
+  }\r
 \r
   //\r
   // Destroy the IP child.\r
   //\r
-  Status = NetLibDestroyServiceChild (\r
-             ControllerHandle,\r
-             ImageHandle,\r
-             ServiceBindingGuid,\r
-             ChildHandle\r
-             );\r
-\r
-  return Status;\r
+  return NetLibDestroyServiceChild (\r
+           ControllerHandle,\r
+           ImageHandle,\r
+           ServiceBindingGuid,\r
+           ChildHandle\r
+           );\r
 }\r
 \r
 /**\r
@@ -280,15 +283,22 @@ IpIoIcmpv4Handler (
   UINT8                Type;\r
   UINT8                Code;\r
   UINT32               TrimBytes;\r
-\r
+  \r
+  ASSERT (IpIo != NULL);\r
+  ASSERT (Pkt != NULL);\r
+  ASSERT (Session != NULL);\r
   ASSERT (IpIo->IpVersion == IP_VERSION_4);\r
-\r
-  IcmpHdr = NET_PROTO_HDR (Pkt, IP4_ICMP_ERROR_HEAD);\r
-  IpHdr   = (EFI_IP4_HEADER *) (&IcmpHdr->IpHead);\r
-\r
+  \r
   //\r
   // Check the ICMP packet length.\r
   //\r
+  if (Pkt->TotalSize < sizeof (IP4_ICMP_ERROR_HEAD)) {\r
+    return EFI_ABORTED;\r
+  }\r
+  \r
+  IcmpHdr = NET_PROTO_HDR (Pkt, IP4_ICMP_ERROR_HEAD);\r
+  IpHdr   = (EFI_IP4_HEADER *) (&IcmpHdr->IpHead);\r
+\r
   if (Pkt->TotalSize < ICMP_ERRLEN (IpHdr)) {\r
 \r
     return EFI_ABORTED;\r
@@ -377,8 +387,14 @@ IpIoIcmpv4Handler (
   TrimBytes  = (UINT32) (PayLoadHdr - (UINT8 *) IcmpHdr);\r
 \r
   NetbufTrim (Pkt, TrimBytes, TRUE);\r
-\r
-  IpIo->PktRcvdNotify (EFI_ICMP_ERROR, IcmpErr, Session, Pkt, IpIo->RcvdContext);\r
+  \r
+  //\r
+  // If the input packet has invalid format, and TrimBytes is larger than \r
+  // the packet size, the NetbufTrim might trim the packet to zero.\r
+  //\r
+  if (Pkt->TotalSize != 0) {\r
+    IpIo->PktRcvdNotify (EFI_ICMP_ERROR, IcmpErr, Session, Pkt, IpIo->RcvdContext);\r
+  }\r
 \r
   return EFI_SUCCESS;  \r
 }\r
@@ -412,6 +428,9 @@ IpIoIcmpv6Handler (
   UINT32               TrimBytes;\r
   BOOLEAN              Flag;\r
 \r
+  ASSERT (IpIo != NULL);\r
+  ASSERT (Pkt != NULL);\r
+  ASSERT (Session != NULL);\r
   ASSERT (IpIo->IpVersion == IP_VERSION_6);\r
 \r
   //\r
@@ -539,7 +558,13 @@ IpIoIcmpv6Handler (
   \r
   NetbufTrim (Pkt, TrimBytes, TRUE);\r
 \r
-  IpIo->PktRcvdNotify (EFI_ICMP_ERROR, IcmpErr, Session, Pkt, IpIo->RcvdContext);\r
+  //\r
+  // If the input packet has invalid format, and TrimBytes is larger than \r
+  // the packet size, the NetbufTrim might trim the packet to zero.\r
+  //\r
+  if (Pkt->TotalSize != 0) {\r
+    IpIo->PktRcvdNotify (EFI_ICMP_ERROR, IcmpErr, Session, Pkt, IpIo->RcvdContext);\r
+  }\r
 \r
   return EFI_SUCCESS;\r
 }\r
@@ -1028,6 +1053,13 @@ IpIoListenHandlerDpc (
   }\r
 \r
   if (IpIo->IpVersion == IP_VERSION_4) {\r
+    ASSERT (RxData->Ip4RxData.Header != NULL);\r
+    if (IP4_IS_LOCAL_BROADCAST (EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress))) {\r
+      //\r
+      // The source address is a broadcast address, discard it.\r
+      //\r
+      goto CleanUp;\r
+    }\r
     if ((EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress) != 0) &&\r
         (IpIo->SubnetMask != 0) &&\r
         IP4_NET_EQUAL (IpIo->StationIp, EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)->Header->SourceAddress), IpIo->SubnetMask) &&\r
@@ -1045,6 +1077,11 @@ IpIoListenHandlerDpc (
       goto CleanUp;\r
     }\r
 \r
+    //\r
+    // The fragment should always be valid for non-zero length packet.\r
+    //\r
+    ASSERT (RxData->Ip4RxData.FragmentCount != 0);\r
+\r
     //\r
     // Create a netbuffer representing IPv4 packet\r
     //\r
@@ -1069,7 +1106,7 @@ IpIoListenHandlerDpc (
     Session.IpHdrLen       = RxData->Ip4RxData.HeaderLength;\r
     Session.IpVersion      = IP_VERSION_4;\r
   } else {\r
-\r
+    ASSERT (RxData->Ip6RxData.Header != NULL);\r
     if (!NetIp6IsValidUnicast(&RxData->Ip6RxData.Header->SourceAddress)) {\r
       goto CleanUp;\r
     }\r
@@ -1081,6 +1118,11 @@ IpIoListenHandlerDpc (
       goto CleanUp;\r
     }\r
     \r
+    //\r
+    // The fragment should always be valid for non-zero length packet.\r
+    //\r
+    ASSERT (RxData->Ip6RxData.FragmentCount != 0);\r
+    \r
     //\r
     // Create a netbuffer representing IPv6 packet\r
     //\r
@@ -1266,11 +1308,13 @@ ReleaseIpIo:
   @param[in]       OpenData           The configuration data and callbacks for\r
                                       the IP_IO instance.\r
 \r
-  @retval          EFI_SUCCESS        The IP_IO instance opened with OpenData\r
-                                      successfully.\r
-  @retval          EFI_ACCESS_DENIED  The IP_IO instance is configured, avoid to \r
-                                      reopen it.\r
-  @retval          Others             Error condition occurred.\r
+  @retval          EFI_SUCCESS            The IP_IO instance opened with OpenData\r
+                                          successfully.\r
+  @retval          EFI_ACCESS_DENIED      The IP_IO instance is configured, avoid to \r
+                                          reopen it.\r
+  @retval          EFI_UNSUPPORTED        IPv4 RawData mode is no supported.\r
+  @retval          EFI_INVALID_PARAMETER  Invalid input parameter.\r
+  @retval          Others                 Error condition occurred.\r
 \r
 **/\r
 EFI_STATUS\r
@@ -1283,6 +1327,10 @@ IpIoOpen (
   EFI_STATUS        Status;\r
   UINT8             IpVersion;\r
 \r
+  if (IpIo == NULL || OpenData == NULL) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   if (IpIo->IsConfigured) {\r
     return EFI_ACCESS_DENIED;\r
   }\r
@@ -1394,8 +1442,9 @@ ErrorExit:
 \r
   @param[in, out]  IpIo            Pointer to the IP_IO instance that needs to stop.\r
 \r
-  @retval          EFI_SUCCESS     The IP_IO instance stopped successfully.\r
-  @retval          Others          Error condition occurred.\r
+  @retval          EFI_SUCCESS            The IP_IO instance stopped successfully.\r
+  @retval          EFI_INVALID_PARAMETER  Invalid input parameter.\r
+  @retval          Others                 Error condition occurred.\r
 \r
 **/\r
 EFI_STATUS\r
@@ -1408,6 +1457,10 @@ IpIoStop (
   IP_IO_IP_INFO     *IpInfo;\r
   UINT8             IpVersion;\r
 \r
+  if (IpIo == NULL) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
   if (!IpIo->IsConfigured) {\r
     return EFI_SUCCESS;\r
   }\r
@@ -1482,20 +1535,28 @@ IpIoDestroy (
   IN OUT IP_IO *IpIo\r
   )\r
 {\r
+  EFI_STATUS    Status;\r
+  \r
   //\r
   // Stop the IpIo.\r
   //\r
-  IpIoStop (IpIo);\r
+  Status = IpIoStop (IpIo);\r
+  if (EFI_ERROR (Status)) {\r
+    return Status;\r
+  }\r
 \r
   //\r
   // Close the IP protocol and destroy the child.\r
   //\r
-  IpIoCloseProtocolDestroyIpChild (\r
-    IpIo->Controller,\r
-    IpIo->Image,\r
-    IpIo->ChildHandle,\r
-    IpIo->IpVersion\r
-    );\r
+  Status = IpIoCloseProtocolDestroyIpChild (\r
+             IpIo->Controller,\r
+             IpIo->Image,\r
+             IpIo->ChildHandle,\r
+             IpIo->IpVersion\r
+             );\r
+  if (EFI_ERROR (Status)) {\r
+    return Status;\r
+  }\r
 \r
   gBS->FreePool (IpIo);\r
 \r
@@ -1518,12 +1579,15 @@ IpIoDestroy (
   @param[in]       Context               Optional context data.\r
   @param[in]       NotifyData            Optional notify data.\r
   @param[in]       Dest                  The destination IP address to send this packet to.\r
+                                         This parameter is optional when using IPv6.\r
   @param[in]       OverrideData          The data to override some configuration of the IP\r
                                          instance used for sending.\r
 \r
   @retval          EFI_SUCCESS           The operation is completed successfully.\r
+  @retval          EFI_INVALID_PARAMETER The input parameter is not correct.\r
   @retval          EFI_NOT_STARTED       The IpIo is not configured.\r
   @retval          EFI_OUT_OF_RESOURCES  Failed due to resource limit.\r
+  @retval          Others                Error condition occurred.\r
 \r
 **/\r
 EFI_STATUS\r
@@ -1534,7 +1598,7 @@ IpIoSend (
   IN     IP_IO_IP_INFO  *Sender        OPTIONAL,\r
   IN     VOID           *Context       OPTIONAL,\r
   IN     VOID           *NotifyData    OPTIONAL,\r
-  IN     EFI_IP_ADDRESS *Dest,\r
+  IN     EFI_IP_ADDRESS *Dest          OPTIONAL,\r
   IN     IP_IO_OVERRIDE *OverrideData  OPTIONAL\r
   )\r
 {\r
@@ -1542,7 +1606,13 @@ IpIoSend (
   IP_IO_IP_PROTOCOL Ip;\r
   IP_IO_SEND_ENTRY  *SndEntry;\r
 \r
-  ASSERT ((IpIo->IpVersion != IP_VERSION_4) || (Dest != NULL));\r
+  if ((IpIo == NULL) || (Pkt == NULL)) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
+\r
+  if ((IpIo->IpVersion == IP_VERSION_4) && (Dest == NULL)) {\r
+    return EFI_INVALID_PARAMETER;\r
+  }\r
 \r
   if (!IpIo->IsConfigured) {\r
     return EFI_NOT_STARTED;\r
@@ -1785,19 +1855,23 @@ IpIoConfigIp (
   }\r
 \r
   if (IpConfigData != NULL) {\r
-    if (IpInfo->IpVersion == IP_VERSION_4){\r
+    if (IpInfo->IpVersion == IP_VERSION_4) {\r
 \r
       if (((EFI_IP4_CONFIG_DATA *) IpConfigData)->UseDefaultAddress) {\r
-        Ip.Ip4->GetModeData (\r
-                  Ip.Ip4, \r
-                  &Ip4ModeData, \r
-                  NULL, \r
-                  NULL\r
-                  );\r
+        Status = Ip.Ip4->GetModeData (\r
+                           Ip.Ip4, \r
+                           &Ip4ModeData, \r
+                           NULL, \r
+                           NULL\r
+                           );\r
+        if (EFI_ERROR (Status)) {\r
+          Ip.Ip4->Configure (Ip.Ip4, NULL);\r
+          goto OnExit;\r
+        }\r
 \r
         IP4_COPY_ADDRESS (&((EFI_IP4_CONFIG_DATA*) IpConfigData)->StationAddress, &Ip4ModeData.ConfigData.StationAddress);\r
         IP4_COPY_ADDRESS (&((EFI_IP4_CONFIG_DATA*) IpConfigData)->SubnetMask, &Ip4ModeData.ConfigData.SubnetMask);\r
-    }\r
+      }\r
 \r
       CopyMem (\r
         &IpInfo->Addr.Addr, \r
@@ -1814,16 +1888,20 @@ IpIoConfigIp (
                          Ip.Ip4,\r
                          &IpInfo->DummyRcvToken.Ip4Token\r
                          );\r
-    if (EFI_ERROR (Status)) {\r
-      Ip.Ip4->Configure (Ip.Ip4, NULL);\r
-    }\r
-  } else {\r
-    Ip.Ip6->GetModeData (\r
-              Ip.Ip6,\r
-              &Ip6ModeData,\r
-              NULL,\r
-              NULL\r
-              );\r
+      if (EFI_ERROR (Status)) {\r
+        Ip.Ip4->Configure (Ip.Ip4, NULL);\r
+      }\r
+    } else {\r
+      Status = Ip.Ip6->GetModeData (\r
+                         Ip.Ip6,\r
+                         &Ip6ModeData,\r
+                         NULL,\r
+                         NULL\r
+                         );\r
+      if (EFI_ERROR (Status)) {\r
+        Ip.Ip6->Configure (Ip.Ip6, NULL);\r
+        goto OnExit;\r
+      }\r
 \r
       if (Ip6ModeData.IsConfigured) {\r
         CopyMem (\r
@@ -1910,6 +1988,10 @@ IpIoRemoveIp (
 {\r
 \r
   UINT8               IpVersion;\r
+  \r
+  if (IpIo == NULL || IpInfo == NULL) {\r
+    return;\r
+  }\r
 \r
   ASSERT (IpInfo->RefCnt > 0);\r
 \r
@@ -1974,7 +2056,7 @@ IpIoRemoveIp (
   @param[in]       Src               The local IP address.\r
 \r
   @return Pointer to the IP protocol can be used for sending purpose and its local\r
-          address is the same with Src.\r
+          address is the same with Src. NULL if failed.\r
 \r
 **/\r
 IP_IO_IP_INFO *\r
@@ -1990,7 +2072,13 @@ IpIoFindSender (
   LIST_ENTRY      *IpInfoEntry;\r
   IP_IO_IP_INFO   *IpInfo;\r
 \r
-  ASSERT ((IpVersion == IP_VERSION_4) || (IpVersion == IP_VERSION_6));  \r
+  if (IpIo == NULL || Src == NULL) {\r
+    return NULL;\r
+  }\r
+\r
+  if ((IpVersion != IP_VERSION_4) && (IpVersion != IP_VERSION_6)) {\r
+    return NULL;\r
+  }\r
 \r
   NET_LIST_FOR_EACH (IpIoEntry, &mActiveIpIoList) {\r
     IpIoPtr = NET_LIST_USER_STRUCT (IpIoEntry, IP_IO, Entry);\r
@@ -2038,6 +2126,7 @@ IpIoFindSender (
   @param[out]  IsHard                If TRUE, indicates that it is a hard error.\r
   @param[out]  Notify                If TRUE, SockError needs to be notified.\r
 \r
+  @retval EFI_UNSUPPORTED            Unrecognizable ICMP error code.\r
   @return ICMP Error Status, such as EFI_NETWORK_UNREACHABLE.\r
 \r
 **/\r
@@ -2156,6 +2245,7 @@ IpIoGetIcmpErrStatus (
   @retval      EFI_INVALID_PARAMETER Neighbor Address is invalid.\r
   @retval      EFI_NOT_FOUND         The neighbor cache entry is not in the \r
                                      neighbor table.  \r
+  @retval      EFI_UNSUPPORTED       IP version is IPv4, which doesn't support neighbor cache refresh.\r
   @retval      EFI_OUT_OF_RESOURCES  Failed due to resource limit.\r
 \r
 **/\r
@@ -2168,10 +2258,14 @@ IpIoRefreshNeighbor (
 {\r
   EFI_IP6_PROTOCOL  *Ip;\r
 \r
-  if (!IpIo->IsConfigured || IpIo->IpVersion != IP_VERSION_6) {\r
+  if (!IpIo->IsConfigured) {\r
     return EFI_NOT_STARTED;\r
   }\r
 \r
+  if (IpIo->IpVersion != IP_VERSION_6) {\r
+    return EFI_UNSUPPORTED;\r
+  }\r
+\r
   Ip = IpIo->Ip.Ip6;\r
 \r
   return Ip->Neighbors (Ip, FALSE, &Neighbor->v6, NULL, Timeout, TRUE);\r