IpIo Library.\r
\r
(C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR>\r
-Copyright (c) 2005 - 2009, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
\r
if (IpIo->IpVersion == IP_VERSION_4) {\r
if ((EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress) != 0) &&\r
- !NetIp4IsUnicast (EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)->Header->SourceAddress), 0)) {\r
+ !NetIp4IsUnicast (EFI_NTOHL (((EFI_IP4_RECEIVE_DATA *) RxData)->Header->SourceAddress), 0)) {\r
+ //\r
+ // The source address is not zero and it's not a unicast IP address, discard it.\r
+ //\r
+ goto CleanUp;\r
+ }\r
+\r
+ if (RxData->Ip4RxData.DataLength == 0) {\r
+ //\r
+ // Discard zero length data payload packet.\r
+ //\r
+ goto CleanUp;\r
+ }\r
+\r
//\r
- // The source address is not zero and it's not a unicast IP address, discard it.\r
+ // Create a netbuffer representing IPv4 packet\r
//\r
- goto CleanUp;\r
- }\r
-\r
- //\r
- // Create a netbuffer representing IPv4 packet\r
- //\r
- Pkt = NetbufFromExt (\r
- (NET_FRAGMENT *) RxData->Ip4RxData.FragmentTable,\r
- RxData->Ip4RxData.FragmentCount,\r
- 0,\r
- 0,\r
- IpIoExtFree,\r
- RxData->Ip4RxData.RecycleSignal\r
- );\r
- if (NULL == Pkt) {\r
- goto CleanUp;\r
- }\r
+ Pkt = NetbufFromExt (\r
+ (NET_FRAGMENT *) RxData->Ip4RxData.FragmentTable,\r
+ RxData->Ip4RxData.FragmentCount,\r
+ 0,\r
+ 0,\r
+ IpIoExtFree,\r
+ RxData->Ip4RxData.RecycleSignal\r
+ );\r
+ if (NULL == Pkt) {\r
+ goto CleanUp;\r
+ }\r
\r
- //\r
- // Create a net session\r
- //\r
- Session.Source.Addr[0] = EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress);\r
- Session.Dest.Addr[0] = EFI_IP4 (RxData->Ip4RxData.Header->DestinationAddress);\r
- Session.IpHdr.Ip4Hdr = RxData->Ip4RxData.Header;\r
- Session.IpHdrLen = RxData->Ip4RxData.HeaderLength;\r
- Session.IpVersion = IP_VERSION_4;\r
+ //\r
+ // Create a net session\r
+ //\r
+ Session.Source.Addr[0] = EFI_IP4 (RxData->Ip4RxData.Header->SourceAddress);\r
+ Session.Dest.Addr[0] = EFI_IP4 (RxData->Ip4RxData.Header->DestinationAddress);\r
+ Session.IpHdr.Ip4Hdr = RxData->Ip4RxData.Header;\r
+ Session.IpHdrLen = RxData->Ip4RxData.HeaderLength;\r
+ Session.IpVersion = IP_VERSION_4;\r
} else {\r
\r
if (!NetIp6IsValidUnicast(&RxData->Ip6RxData.Header->SourceAddress)) {\r
goto CleanUp;\r
}\r
\r
+ if (RxData->Ip6RxData.DataLength == 0) {\r
+ //\r
+ // Discard zero length data payload packet.\r
+ //\r
+ goto CleanUp;\r
+ }\r
+ \r
//\r
// Create a netbuffer representing IPv6 packet\r
//\r
// configure ip\r
//\r
if (IpVersion == IP_VERSION_4){\r
+ //\r
+ // RawData mode is no supported.\r
+ //\r
+ ASSERT (!OpenData->IpConfigData.Ip4CfgData.RawData);\r
+ if (OpenData->IpConfigData.Ip4CfgData.RawData) {\r
+ return EFI_UNSUPPORTED;\r
+ }\r
+ \r
Status = IpIo->Ip.Ip4->Configure (\r
IpIo->Ip.Ip4,\r
&OpenData->IpConfigData.Ip4CfgData\r
/** @file\r
Help functions to access UDP service, it is used by both the DHCP and MTFTP.\r
\r
-Copyright (c) 2005 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at<BR>\r
// Build a NET_BUF from the UDP receive data, then deliver it up.\r
//\r
if (RxToken->UdpIo->UdpVersion == UDP_IO_UDP4_VERSION) {\r
+ if (((EFI_UDP4_RECEIVE_DATA *) RxData)->DataLength == 0) {\r
+ //\r
+ // Discard zero length data payload packet.\r
+ //\r
+ goto Resume;\r
+ }\r
\r
Netbuf = NetbufFromExt (\r
(NET_FRAGMENT *)((EFI_UDP4_RECEIVE_DATA *) RxData)->FragmentTable,\r
EndPoint.LocalAddr.Addr[0] = NTOHL (EndPoint.LocalAddr.Addr[0]);\r
EndPoint.RemoteAddr.Addr[0] = NTOHL (EndPoint.RemoteAddr.Addr[0]);\r
} else {\r
+ if (((EFI_UDP6_RECEIVE_DATA *) RxData)->DataLength == 0) {\r
+ //\r
+ // Discard zero length data payload packet.\r
+ //\r
+ goto Resume;\r
+ }\r
\r
Netbuf = NetbufFromExt (\r
(NET_FRAGMENT *)((EFI_UDP6_RECEIVE_DATA *) RxData)->FragmentTable,\r
}\r
\r
RxToken->CallBack (Netbuf, &EndPoint, EFI_SUCCESS, RxToken->Context);\r
+\r
+Resume:\r
+ if (RxToken->UdpIo->UdpVersion == UDP_IO_UDP4_VERSION) {\r
+ gBS->SignalEvent (((EFI_UDP4_RECEIVE_DATA *) RxData)->RecycleSignal);\r
+ RxToken->UdpIo->Protocol.Udp4->Receive (RxToken->UdpIo->Protocol.Udp4, &RxToken->Token.Udp4);\r
+ } else {\r
+ gBS->SignalEvent (((EFI_UDP6_RECEIVE_DATA *) RxData)->RecycleSignal);\r
+ RxToken->UdpIo->Protocol.Udp6->Receive (RxToken->UdpIo->Protocol.Udp6, &RxToken->Token.Udp6);\r
+ }\r
}\r
\r
/**\r
/** @file\r
The implementation of the ARP protocol.\r
\r
-Copyright (c) 2006 - 2012, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at<BR>\r
// Status is EFI_SUCCESS, process the received frame.\r
//\r
RxData = RxToken->Packet.RxData;\r
- Head = (ARP_HEAD *) RxData->PacketData;\r
+ //\r
+ // Sanity check.\r
+ //\r
+ if (RxData->DataLength < sizeof (ARP_HEAD)) {\r
+ //\r
+ // Restart the receiving if packet size is not correct.\r
+ //\r
+ goto RESTART_RECEIVE;\r
+ }\r
\r
//\r
// Convert the byte order of the multi-byte fields.\r
//\r
+ Head = (ARP_HEAD *) RxData->PacketData;\r
Head->HwType = NTOHS (Head->HwType);\r
Head->ProtoType = NTOHS (Head->ProtoType);\r
Head->OpCode = NTOHS (Head->OpCode);\r
\r
+ if (RxData->DataLength < (sizeof (ARP_HEAD) + 2 * Head->HwAddrLen + 2 * Head->ProtoAddrLen)) {\r
+ goto RESTART_RECEIVE;\r
+ }\r
+\r
if ((Head->HwType != ArpService->SnpMode.IfType) ||\r
(Head->HwAddrLen != ArpService->SnpMode.HwAddressSize) ||\r
(RxData->ProtocolType != ARP_ETHER_PROTO_TYPE)) {\r
/** @file\r
TCP input process routines.\r
\r
-Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2005 - 2016, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
\r
Head = (TCP_HEAD *) NetbufGetByte (Nbuf, 0, NULL);\r
ASSERT (Head != NULL);\r
+\r
+ if (Nbuf->TotalSize < sizeof (TCP_HEAD)) {\r
+ DEBUG ((EFI_D_INFO, "TcpInput: received a malformed packet\n"));\r
+ goto DISCARD;\r
+ }\r
+ \r
Len = Nbuf->TotalSize - (Head->HeadLen << 2);\r
\r
if ((Head->HeadLen < 5) || (Len < 0) ||\r
(TcpChecksum (Nbuf, NetPseudoHeadChecksum (Src, Dst, 6, 0)) != 0)) {\r
\r
- DEBUG ((EFI_D_INFO, "TcpInput: received an mal-formated packet\n"));\r
+ DEBUG ((EFI_D_INFO, "TcpInput: received a malformed packet\n"));\r
goto DISCARD;\r
}\r
\r
BOOLEAN IcmpErrIsHard;\r
BOOLEAN IcmpErrNotify;\r
\r
+ if (Nbuf->TotalSize < sizeof (TCP_HEAD)) {\r
+ goto CLEAN_EXIT;\r
+ }\r
+\r
Head = (TCP_HEAD *) NetbufGetByte (Nbuf, 0, NULL);\r
ASSERT (Head != NULL);\r
Tcb = TcpLocateTcb (\r
/** @file\r
The implementation of the Udp4 protocol.\r
\r
-Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2006 - 2016 Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
EFI_UDP4_SESSION_DATA *Udp4Session;\r
UINTN Enqueued;\r
\r
+ if (Packet->TotalSize < sizeof (EFI_UDP_HEADER)) {\r
+ NetbufFree (Packet);\r
+ return;\r
+ }\r
+\r
//\r
// Get the datagram header from the packet buffer.\r
//\r
//\r
// Wrong checksum.\r
//\r
+ NetbufFree (Packet);\r
return;\r
}\r
}\r
LIST_ENTRY *Entry;\r
UDP4_INSTANCE_DATA *Instance;\r
\r
+ if (Packet->TotalSize < sizeof (EFI_UDP_HEADER)) {\r
+ NetbufFree (Packet);\r
+ return;\r
+ }\r
+ \r
Udp4Header = (EFI_UDP_HEADER *) NetbufGetByte (Packet, 0, NULL);\r
ASSERT (Udp4Header != NULL);\r
\r