From: Jiaxin Wu Date: Wed, 15 Jun 2016 08:23:51 +0000 (+0800) Subject: NetworkPkg: Fix unspecified address use case in IpsecConfig X-Git-Tag: edk2-stable201903~6839 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=ca9b4d22f437ccd2d7ad9ce262760097788bafcc NetworkPkg: Fix unspecified address use case in IpsecConfig This patch is used to fix unspecified address use case in ConstructSpdIndexer() function. Indexer->Name for ConstructSpdIndexer is unspecified, that will be a problem for UnicodeStrToAsciiStr. This patch also refine the code by removing ASSERT and user error handling. Cc: Fu Siyuan Cc: Ye Ting Cc: Zeng Star Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu Reviewed-by: Zeng Star Reviewed-by: Ye Ting Reviewed-by: Fu Siyuan --- diff --git a/NetworkPkg/Application/IpsecConfig/Indexer.c b/NetworkPkg/Application/IpsecConfig/Indexer.c index 83ceda4b57..353b22e06a 100644 --- a/NetworkPkg/Application/IpsecConfig/Indexer.c +++ b/NetworkPkg/Application/IpsecConfig/Indexer.c @@ -1,7 +1,7 @@ /** @file The implementation of construct ENTRY_INDEXER in IpSecConfig application. - Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -44,17 +44,19 @@ ConstructSpdIndexer ( } else if (ShellCommandLineGetFlag (ParamPackage, L"-e")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-e"); } else { - ASSERT (FALSE); + return EFI_INVALID_PARAMETER; } - ASSERT (ValueStr != NULL); - + if (ValueStr == NULL) { + return EFI_INVALID_PARAMETER; + } + Value64 = StrToUInteger (ValueStr, &Status); if (!EFI_ERROR (Status)) { Indexer->Index = (UINTN) Value64; - Indexer->Name = NULL; + ZeroMem (Indexer->Name, MAX_PEERID_LEN); } else { - UnicodeStrToAsciiStr (ValueStr, (CHAR8 *) Indexer->Name); + UnicodeStrToAsciiStrS (ValueStr, (CHAR8 *) Indexer->Name, MAX_PEERID_LEN); } return EFI_SUCCESS; @@ -89,10 +91,12 @@ ConstructSadIndexer ( } else if (ShellCommandLineGetFlag (ParamPackage, L"-e")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-e"); } else { - ASSERT (FALSE); + return EFI_INVALID_PARAMETER; } - ASSERT (ValueStr != NULL); + if (ValueStr == NULL) { + return EFI_INVALID_PARAMETER; + } Value64 = StrToUInteger (ValueStr, &Status); if (!EFI_ERROR (Status)) { @@ -187,10 +191,12 @@ ConstructPadIndexer ( } else if (ShellCommandLineGetFlag (ParamPackage, L"-e")) { ValueStr = ShellCommandLineGetValue (ParamPackage, L"-e"); } else { - ASSERT (FALSE); + return EFI_INVALID_PARAMETER; } - ASSERT (ValueStr != NULL); + if (ValueStr == NULL) { + return EFI_INVALID_PARAMETER; + } Value64 = StrToUInteger (ValueStr, &Status); diff --git a/NetworkPkg/Application/IpsecConfig/Indexer.h b/NetworkPkg/Application/IpsecConfig/Indexer.h index 078f38a312..58c0689021 100644 --- a/NetworkPkg/Application/IpsecConfig/Indexer.h +++ b/NetworkPkg/Application/IpsecConfig/Indexer.h @@ -2,7 +2,7 @@ The internal structure and function declaration to construct ENTRY_INDEXER in IpSecConfig application. - Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -18,8 +18,8 @@ #define _INDEXER_H_ typedef struct { - UINT8 *Name; - UINTN Index; // Used only if Name is NULL. + UINT8 Name[MAX_PEERID_LEN]; + UINTN Index; // Used only if Name buffer is filled with zero. } SPD_ENTRY_INDEXER; typedef struct { diff --git a/NetworkPkg/Application/IpsecConfig/Match.c b/NetworkPkg/Application/IpsecConfig/Match.c index d283f5b716..2ee763e607 100644 --- a/NetworkPkg/Application/IpsecConfig/Match.c +++ b/NetworkPkg/Application/IpsecConfig/Match.c @@ -1,7 +1,7 @@ /** @file The implementation of match policy entry function in IpSecConfig application. - Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2016, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -63,7 +63,7 @@ MatchSpdEntry ( BOOLEAN Match; Match = FALSE; - if (Indexer->Name != NULL) { + if (!IsMemoryZero (Indexer->Name, MAX_PEERID_LEN)) { if ((Data->Name != NULL) && (AsciiStrCmp ((CHAR8 *) Indexer->Name, (CHAR8 *) Data->Name) == 0)) { Match = TRUE; }