NetworkPkg: Fix the potential NULL pointer dereferenced issue
authorJiaxin Wu <jiaxin.wu@intel.com>
Thu, 10 Dec 2015 01:44:56 +0000 (01:44 +0000)
committerjiaxinwu <jiaxinwu@Edk2>
Thu, 10 Dec 2015 01:44:56 +0000 (01:44 +0000)
This patch is used to fix the potential NULL pointer dereferenced
in function 'ParseDnsResponse'.

Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Zhang Lubo <lubo.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19178 6f19259b-4bc3-4df7-8a09-765794883524

NetworkPkg/DnsDxe/DnsImpl.c

index 42d51f0..4f7320e 100644 (file)
@@ -1199,19 +1199,28 @@ ParseDnsResponse (
   //\r
   // Check the Query type, do some buffer allocations.\r
   //\r
-  if (QuerySection->Type == DNS_TYPE_A) {\r
-    Dns4TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS_HOST_TO_ADDR_DATA));\r
-    ASSERT (Dns4TokenEntry->Token->RspData.H2AData != NULL);\r
-    Dns4TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv4_ADDRESS));\r
-    ASSERT (Dns4TokenEntry->Token->RspData.H2AData->IpList != NULL);\r
-  } else if (QuerySection->Type == DNS_TYPE_AAAA) {\r
-    Dns6TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS6_HOST_TO_ADDR_DATA));\r
-    ASSERT (Dns6TokenEntry->Token->RspData.H2AData != NULL);\r
-    Dns6TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv6_ADDRESS));\r
-    ASSERT (Dns6TokenEntry->Token->RspData.H2AData->IpList != NULL);\r
+  if (Instance->Service->IpVersion == IP_VERSION_4) {\r
+    ASSERT (Dns4TokenEntry != NULL);\r
+    if (QuerySection->Type == DNS_TYPE_A) {\r
+      Dns4TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS_HOST_TO_ADDR_DATA));\r
+      ASSERT (Dns4TokenEntry->Token->RspData.H2AData != NULL);\r
+      Dns4TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv4_ADDRESS));\r
+      ASSERT (Dns4TokenEntry->Token->RspData.H2AData->IpList != NULL);\r
+    } else {\r
+      Status = EFI_UNSUPPORTED;\r
+      goto ON_EXIT;\r
+    }\r
   } else {\r
-    Status = EFI_UNSUPPORTED;\r
-    goto ON_EXIT;\r
+    ASSERT (Dns6TokenEntry != NULL);\r
+    if (QuerySection->Type == DNS_TYPE_AAAA) {\r
+      Dns6TokenEntry->Token->RspData.H2AData = AllocatePool (sizeof (DNS6_HOST_TO_ADDR_DATA));\r
+      ASSERT (Dns6TokenEntry->Token->RspData.H2AData != NULL);\r
+      Dns6TokenEntry->Token->RspData.H2AData->IpList = AllocatePool (DnsHeader->AnswersNum * sizeof (EFI_IPv6_ADDRESS));\r
+      ASSERT (Dns6TokenEntry->Token->RspData.H2AData->IpList != NULL);\r
+    } else {\r
+      Status = EFI_UNSUPPORTED;\r
+      goto ON_EXIT;\r
+    }\r
   }\r
 \r
   //\r
@@ -1240,7 +1249,7 @@ ParseDnsResponse (
         //\r
         // This is address entry, get Data.\r
         //\r
-        ASSERT (AnswerSection->DataLength == 4);\r
+        ASSERT (Dns4TokenEntry != NULL && AnswerSection->DataLength == 4);\r
         \r
         HostAddr4 = Dns4TokenEntry->Token->RspData.H2AData->IpList;\r
         AnswerData = (UINT8 *) AnswerSection + sizeof (*AnswerSection);\r
@@ -1282,7 +1291,7 @@ ParseDnsResponse (
         //\r
         // This is address entry, get Data.\r
         //\r
-        ASSERT (AnswerSection->DataLength == 16);\r
+        ASSERT (Dns6TokenEntry != NULL && AnswerSection->DataLength == 16);\r
         \r
         HostAddr6 = Dns6TokenEntry->Token->RspData.H2AData->IpList;\r
         AnswerData = (UINT8 *) AnswerSection + sizeof (*AnswerSection);\r
@@ -1333,16 +1342,29 @@ ParseDnsResponse (
     AnswerSectionNum ++;\r
   }\r
 \r
-  if (QuerySection->Type == DNS_TYPE_A) {\r
-    Dns4TokenEntry->Token->RspData.H2AData->IpCount = IpCount;\r
-  } else if (QuerySection->Type == DNS_TYPE_AAAA) {\r
-    Dns6TokenEntry->Token->RspData.H2AData->IpCount = IpCount;\r
+  if (Instance->Service->IpVersion == IP_VERSION_4) {\r
+    ASSERT (Dns4TokenEntry != NULL);\r
+    if (QuerySection->Type == DNS_TYPE_A) {\r
+      Dns4TokenEntry->Token->RspData.H2AData->IpCount = IpCount;\r
+    } else {\r
+      Status = EFI_UNSUPPORTED;\r
+      goto ON_EXIT;\r
+    }\r
+  } else {\r
+    ASSERT (Dns6TokenEntry != NULL);\r
+    if (QuerySection->Type == DNS_TYPE_AAAA) {\r
+      Dns6TokenEntry->Token->RspData.H2AData->IpCount = IpCount;\r
+    } else {\r
+      Status = EFI_UNSUPPORTED;\r
+      goto ON_EXIT;\r
+    }\r
   }\r
 \r
   //\r
   // Parsing is complete, SignalEvent here.\r
   //\r
   if (Instance->Service->IpVersion == IP_VERSION_4) {\r
+    ASSERT (Dns4TokenEntry != NULL);\r
     Dns4RemoveTokenEntry (&Instance->Dns4TxTokens, Dns4TokenEntry);\r
     Dns4TokenEntry->Token->Status = EFI_SUCCESS;\r
     if (Dns4TokenEntry->Token->Event != NULL) {\r
@@ -1350,6 +1372,7 @@ ParseDnsResponse (
       DispatchDpc ();\r
     }\r
   } else {\r
+    ASSERT (Dns6TokenEntry != NULL);\r
     Dns6RemoveTokenEntry (&Instance->Dns6TxTokens, Dns6TokenEntry);\r
     Dns6TokenEntry->Token->Status = EFI_SUCCESS;\r
     if (Dns6TokenEntry->Token->Event != NULL) {\r