Update code to avoid potential access violation.

Signed-off-by: Dong Eric <eric.dong@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Ouyang Qian <Ouyang.qian@intel.com>
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@13175 6f19259b-4bc3-4df7-8a09-765794883524

diff --git a/NetworkPkg/Application/IpsecConfig/Helper.c b/NetworkPkg/Application/IpsecConfig/Helper.c
index 5013ad9b761ce993ee9bdbb52a9c2c75f9f86095..ae867ceee78304d53d67c4a4bc9be78d22e8711c 100644 (file)
--- a/NetworkPkg/Application/IpsecConfig/Helper.c
+++ b/NetworkPkg/Application/IpsecConfig/Helper.c
@@ -1,7 +1,7 @@
 /** @file\r
   The assistant function implementation for IpSecConfig application.\r
 \r
-  Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
 \r
   This program and the accompanying materials\r
   are licensed and made available under the terms and conditions of the BSD License\r
@@ -93,6 +93,7 @@ GetNumber (
       //\r
       // Convert falied, so use String->Integer map.\r
       //\r
+      ASSERT (Map != NULL);\r
       Value64 = MapStringToInteger (ValueStr, Map);\r
       if (Value64 == (UINT32) -1) {\r
         //\r

diff --git a/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c b/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c
index 67209f6247f660df39d952266d251d95413ca06c..05df9fa9198ee1e839a4907d017930cec8630f8e 100644 (file)
--- a/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c
+++ b/NetworkPkg/Application/IpsecConfig/PolicyEntryOperation.c
@@ -1,7 +1,7 @@
 /** @file\r
   The implementation of policy entry operation function in IpSecConfig application.\r
 \r
-  Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
 \r
   This program and the accompanying materials\r
   are licensed and made available under the terms and conditions of the BSD License\r
@@ -784,6 +784,7 @@ CreateSadEntry (
   if (ValueStr != NULL ) {\r
     (*Data)->AlgoInfo.EspAlgoInfo.EncKeyLength = EncKeyLength;\r
     AsciiStr = AllocateZeroPool (EncKeyLength + 1);\r
+    ASSERT (AsciiStr != NULL);\r
     UnicodeStrToAsciiStr (ValueStr, AsciiStr);\r
     CopyMem ((*Data)->AlgoInfo.EspAlgoInfo.EncKey,  AsciiStr, EncKeyLength);\r
     FreePool (AsciiStr);\r

diff --git a/NetworkPkg/IScsiDxe/IScsiCHAP.c b/NetworkPkg/IScsiDxe/IScsiCHAP.c
index 4cfbba7b5cdba32d9774876413f6a0e9e62aff8f..fd31d4fb0c4799883ecf366a2f1359150bdbde26 100644 (file)
--- a/NetworkPkg/IScsiDxe/IScsiCHAP.c
+++ b/NetworkPkg/IScsiDxe/IScsiCHAP.c
@@ -1,7 +1,7 @@
 /** @file\r
   This file is for Challenge-Handshake Authentication Protocol (CHAP) Configuration.\r
 \r
-Copyright (c) 2004 - 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -374,6 +374,9 @@ IScsiCHAPToSendReq (
   Session     = Conn->Session;\r
   AuthData    = &Session->AuthData.CHAP;\r
   LoginReq    = (ISCSI_LOGIN_REQUEST *) NetbufGetByte (Pdu, 0, 0);\r
+  if (LoginReq == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
   Status      = EFI_SUCCESS;\r
 \r
   RspLen      = 2 * ISCSI_CHAP_RSP_LEN + 3;\r

diff --git a/NetworkPkg/IScsiDxe/IScsiConfig.c b/NetworkPkg/IScsiDxe/IScsiConfig.c
index eea73a8ff15361a05806ae364f8fe665459f6f82..2073f33191c2b17ca9d6e1a272e16389fab3bc1a 100644 (file)
--- a/NetworkPkg/IScsiDxe/IScsiConfig.c
+++ b/NetworkPkg/IScsiDxe/IScsiConfig.c
@@ -1,7 +1,7 @@
 /** @file\r
   Helper functions for configuring or getting the parameters relating to iSCSI.\r
 \r
-Copyright (c) 2004 - 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -1397,6 +1397,7 @@ IScsiConfigDisplayOrderAttempts (
   if (EFI_ERROR (Status)) {\r
     return Status;\r
   }\r
+  ASSERT (StartOpCodeHandle != NULL);\r
 \r
   OptionsOpCodeHandle = NULL;\r
 \r

diff --git a/NetworkPkg/IScsiDxe/IScsiProto.c b/NetworkPkg/IScsiDxe/IScsiProto.c
index 2ab4da8cdac22fa9330f3f44f9a5d98b8d7b319e..acb7876ab54b6480a5bc9058d387719e3186eb71 100644 (file)
--- a/NetworkPkg/IScsiDxe/IScsiProto.c
+++ b/NetworkPkg/IScsiDxe/IScsiProto.c
@@ -1,7 +1,7 @@
 /** @file\r
   The implementation of iSCSI protocol based on RFC3720.\r
 \r
-Copyright (c) 2004 - 2011, Intel Corporation. All rights reserved.<BR>\r
+Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.<BR>\r
 This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -514,6 +514,8 @@ IScsiReceiveLoginRsp (
   if (EFI_ERROR (Status)) {\r
     return Status;\r
   }\r
+  ASSERT (Pdu != NULL);\r
+\r
   //\r
   // A Login Response is received; process it.\r
   //\r
@@ -539,6 +541,7 @@ IScsiReceiveLoginRsp (
                                the correspondence length fields are updated.\r
   @retval EFI_OUT_OF_RESOURCES There is not enough space in the PDU to add the key-value\r
                                pair.\r
+  @retval EFI_PROTOCOL_ERROR   There is no such data in the net buffer.\r
 **/\r
 EFI_STATUS\r
 IScsiAddKeyValuePair (\r
@@ -555,6 +558,9 @@ IScsiAddKeyValuePair (
   CHAR8               *Data;\r
 \r
   LoginReq    = (ISCSI_LOGIN_REQUEST *) NetbufGetByte (Pdu, 0, NULL);\r
+  if (LoginReq == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
   DataSegLen  = NTOH24 (LoginReq->DataSegmentLength);\r
 \r
   KeyLen      = (UINT32) AsciiStrLen (Key);\r
@@ -741,6 +747,9 @@ IScsiProcessLoginRsp (
   Session   = Conn->Session;\r
 \r
   LoginRsp  = (ISCSI_LOGIN_RESPONSE *) NetbufGetByte (Pdu, 0, NULL);\r
+  if (LoginRsp == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
   if (!ISCSI_CHECK_OPCODE (LoginRsp, ISCSI_OPCODE_LOGIN_RSP)) {\r
     //\r
     // It is not a Login Response.\r
@@ -2268,6 +2277,7 @@ IScsiGenerateDataOutPduSequence (
   NET_BUF             *DataOutPdu;\r
   ISCSI_CONNECTION    *Conn;\r
   ISCSI_XFER_CONTEXT  *XferContext;\r
+  UINT8               *DataOutPacket;\r
 \r
   PduList = AllocatePool (sizeof (LIST_ENTRY));\r
   if (PduList == NULL) {\r
@@ -2311,7 +2321,14 @@ IScsiGenerateDataOutPduSequence (
   //\r
   // Set the F bit for the last data out PDU in this sequence.\r
   //\r
-  ISCSI_SET_FLAG (NetbufGetByte (DataOutPdu, 0, NULL), ISCSI_BHS_FLAG_FINAL);\r
+  DataOutPacket = NetbufGetByte (DataOutPdu, 0, NULL);\r
+  if (DataOutPacket == NULL) {\r
+    IScsiFreeNbufList (PduList);\r
+    PduList = NULL;\r
+    goto ON_EXIT;\r
+  }\r
+\r
+  ISCSI_SET_FLAG (DataOutPacket, ISCSI_BHS_FLAG_FINAL);\r
 \r
 ON_EXIT:\r
 \r
@@ -2396,6 +2413,9 @@ IScsiOnDataInRcvd (
   EFI_STATUS          Status;\r
 \r
   DataInHdr                   = (ISCSI_SCSI_DATA_IN *) NetbufGetByte (Pdu, 0, NULL);\r
+  if (DataInHdr == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
 \r
   DataInHdr->InitiatorTaskTag = NTOHL (DataInHdr->InitiatorTaskTag);\r
   DataInHdr->ExpCmdSN         = NTOHL (DataInHdr->ExpCmdSN);\r
@@ -2486,6 +2506,9 @@ IScsiOnR2TRcvd (
   UINT8                   *Data;\r
 \r
   R2THdr = (ISCSI_READY_TO_TRANSFER *) NetbufGetByte (Pdu, 0, NULL);\r
+  if (R2THdr == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
 \r
   R2THdr->InitiatorTaskTag = NTOHL (R2THdr->InitiatorTaskTag);\r
   R2THdr->TargetTransferTag = NTOHL (R2THdr->TargetTransferTag);\r
@@ -2551,6 +2574,9 @@ IScsiOnScsiRspRcvd (
   UINT32            DataSegLen;\r
 \r
   ScsiRspHdr                    = (SCSI_RESPONSE *) NetbufGetByte (Pdu, 0, NULL);\r
+  if (ScsiRspHdr == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
 \r
   ScsiRspHdr->InitiatorTaskTag  = NTOHL (ScsiRspHdr->InitiatorTaskTag);\r
   if (ScsiRspHdr->InitiatorTaskTag != Tcb->InitiatorTaskTag) {\r
@@ -2613,6 +2639,9 @@ IScsiOnScsiRspRcvd (
   DataSegLen = ISCSI_GET_DATASEG_LEN (ScsiRspHdr);\r
   if (DataSegLen != 0) {\r
     SenseData               = (ISCSI_SENSE_DATA *) NetbufGetByte (Pdu, sizeof (SCSI_RESPONSE), NULL);\r
+    if (SenseData == NULL) {\r
+      return EFI_PROTOCOL_ERROR;\r
+    }\r
 \r
     SenseData->Length       = NTOHS (SenseData->Length);\r
 \r
@@ -2649,6 +2678,9 @@ IScsiOnNopInRcvd (
   EFI_STATUS    Status;\r
 \r
   NopInHdr            = (ISCSI_NOP_IN *) NetbufGetByte (Pdu, 0, NULL);\r
+  if (NopInHdr == NULL) {\r
+    return EFI_PROTOCOL_ERROR;\r
+  }\r
 \r
   NopInHdr->StatSN    = NTOHL (NopInHdr->StatSN);\r
   NopInHdr->ExpCmdSN  = NTOHL (NopInHdr->ExpCmdSN);\r
@@ -2684,6 +2716,7 @@ IScsiOnNopInRcvd (
                                the Packet.\r
   @retval EFI_DEVICE_ERROR     Session state was not as required.\r
   @retval EFI_OUT_OF_RESOURCES Failed to allocate memory.\r
+  @retval EFI_PROTOCOL_ERROR   There is no such data in the net buffer.\r
   @retval Others               Other errors as indicated.\r
 \r
 **/\r
@@ -2745,6 +2778,11 @@ IScsiExecuteScsiCommand (
 \r
   XferContext         = &Tcb->XferContext;\r
   PduHdr              = NetbufGetByte (Pdu, 0, NULL);\r
+  if (PduHdr == NULL) {\r
+    Status = EFI_PROTOCOL_ERROR;\r
+    NetbufFree (Pdu);\r
+    goto ON_EXIT;\r
+  }\r
   XferContext->Offset = ISCSI_GET_DATASEG_LEN (PduHdr);\r
 \r
   //\r
@@ -2803,7 +2841,13 @@ IScsiExecuteScsiCommand (
       goto ON_EXIT;\r
     }\r
 \r
-    switch (ISCSI_GET_OPCODE (NetbufGetByte (Pdu, 0, NULL))) {\r
+    PduHdr = NetbufGetByte (Pdu, 0, NULL);\r
+    if (PduHdr == NULL) {\r
+      Status = EFI_PROTOCOL_ERROR;\r
+      NetbufFree (Pdu);\r
+      goto ON_EXIT;\r
+    }\r
+    switch (ISCSI_GET_OPCODE (PduHdr)) {\r
     case ISCSI_OPCODE_SCSI_DATA_IN:\r
       Status = IScsiOnDataInRcvd (Pdu, Tcb, Packet);\r
       break;\r

diff --git a/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c b/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c
index 07a86d6a362626a8aa4a9421178f64ad93240223..348a8f29c70fcb13e2f9c4f84292d8f721812f65 100644 (file)
--- a/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c
+++ b/NetworkPkg/Mtftp6Dxe/Mtftp6Rrq.c
@@ -1,7 +1,7 @@
 /** @file\r
   Mtftp6 Rrq process functions implementation.\r
 \r
-  Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
 \r
   This program and the accompanying materials\r
   are licensed and made available under the terms and conditions of the BSD License\r
@@ -477,6 +477,7 @@ Mtftp6RrqHandleOack (
   if (EFI_ERROR (Status)) {\r
     return Status;\r
   }\r
+  ASSERT (Options != NULL);\r
 \r
   //\r
   // Parse the extensive options in the packet.\r

diff --git a/NetworkPkg/Mtftp6Dxe/Mtftp6Wrq.c b/NetworkPkg/Mtftp6Dxe/Mtftp6Wrq.c
index 69ef4d2093270baea28625d13fd638d127e0cd13..a6baaaba40a2d7ef9695080a82f5522ac7bcb805 100644 (file)
--- a/NetworkPkg/Mtftp6Dxe/Mtftp6Wrq.c
+++ b/NetworkPkg/Mtftp6Dxe/Mtftp6Wrq.c
@@ -1,7 +1,7 @@
 /** @file\r
   Mtftp6 Wrq process functions implementation.\r
 \r
-  Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>\r
+  Copyright (c) 2009 - 2012, Intel Corporation. All rights reserved.<BR>\r
 \r
   This program and the accompanying materials\r
   are licensed and made available under the terms and conditions of the BSD License\r
@@ -315,6 +315,7 @@ Mtftp6WrqHandleOack (
   if (EFI_ERROR (Status)) {\r
     return Status;\r
   }\r
+  ASSERT (Options != NULL);\r
 \r
   Status = Mtftp6ParseExtensionOption (Options, Count, FALSE, &ExtInfo);\r
 \r