From 890986ca2a976fb7f79f0734b606a75cdcabb87e Mon Sep 17 00:00:00 2001 From: vanjeff Date: Wed, 8 Jul 2009 09:42:16 +0000 Subject: [PATCH] add security check. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@8819 6f19259b-4bc3-4df7-8a09-765794883524 --- MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c | 4 ++-- .../Universal/Network/Dhcp4Dxe/Dhcp4Option.c | 1 + MdeModulePkg/Universal/Network/SnpDxe/Nvdata.c | 8 +++++--- .../Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c | 13 +------------ .../Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h | 4 ---- .../Universal/Network/UefiPxeBcDxe/PxeBcImpl.c | 6 ------ .../Universal/Network/UefiPxeBcDxe/PxeBcSupport.c | 2 -- .../Universal/Network/UefiPxeBcDxe/PxeBcSupport.h | 2 -- 8 files changed, 9 insertions(+), 31 deletions(-) diff --git a/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c b/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c index aa4707294b..a3923d95bd 100644 --- a/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c +++ b/MdeModulePkg/Universal/Network/ArpDxe/ArpImpl.c @@ -1617,7 +1617,7 @@ ArpFindCacheEntry ( // // Set the fields in FindData. // - FindData->Size = *EntryLength; + FindData->Size = FoundEntryLength; FindData->DenyFlag = (BOOLEAN)(CacheTable == &ArpService->DeniedCacheTable); FindData->StaticFlag = (BOOLEAN)(CacheEntry->DefaultDecayTime == 0); FindData->HwAddressType = ArpService->SnpMode.IfType; @@ -1646,7 +1646,7 @@ ArpFindCacheEntry ( // // Slip to the next FindData. // - FindData = (EFI_ARP_FIND_DATA *)((UINT8 *)FindData + *EntryLength); + FindData = (EFI_ARP_FIND_DATA *)((UINT8 *)FindData + FoundEntryLength); } CLEAN_EXIT: diff --git a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Option.c b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Option.c index 11b8978b40..aa5009abf3 100644 --- a/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Option.c +++ b/MdeModulePkg/Universal/Network/Dhcp4Dxe/Dhcp4Option.c @@ -824,6 +824,7 @@ DhcpBuild ( if (EFI_ERROR (Status)) { goto ON_ERROR; } + ASSERT (SeedOptions != NULL); for (Index = 0; Index < (UINT32) Count; Index++) { Mark[SeedOptions[Index].Tag] = SeedOptions[Index]; diff --git a/MdeModulePkg/Universal/Network/SnpDxe/Nvdata.c b/MdeModulePkg/Universal/Network/SnpDxe/Nvdata.c index 9aa02e1a93..20d5daa25c 100644 --- a/MdeModulePkg/Universal/Network/SnpDxe/Nvdata.c +++ b/MdeModulePkg/Universal/Network/SnpDxe/Nvdata.c @@ -1,8 +1,8 @@ /** @file - Implementation of reading and writing operations on the NVRAM device - attached to a network interface. + Implementation of reading and writing operations on the NVRAM device + attached to a network interface. -Copyright (c) 2004 - 2007, Intel Corporation.
+Copyright (c) 2004 - 2009, Intel Corporation.
All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -88,6 +88,8 @@ PxeNvDataRead ( return EFI_DEVICE_ERROR; } + ASSERT ((Offset + BufferSize) <= sizeof (Db->Data)); + CopyMem (Buffer, Db->Data.Byte + Offset, BufferSize); return EFI_SUCCESS; diff --git a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c index 9b5080f15d..c04b2032c7 100644 --- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c +++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.c @@ -37,8 +37,6 @@ UINT8 mInterestedDhcp4Tags[PXEBC_DHCP4_TAG_INDEX_MAX] = { @param Seed Pointer to the message instance of the DHCP4 packet. @param Udp4 Pointer to the EFI_UDP4_PROTOCOL instance. - @return none. - **/ VOID PxeBcInitSeedPacket ( @@ -73,8 +71,6 @@ PxeBcInitSeedPacket ( @param Dst Pointer to the EFI_DHCP4_PROTOCOL instance. @param Src Pointer to the EFI_DHCP4_PROTOCOL instance. - @return None. - **/ VOID PxeBcCopyEfiDhcp4Packet ( @@ -96,8 +92,6 @@ PxeBcCopyEfiDhcp4Packet ( @param OfferIndex Index of cached packets as complements of pxe mode data, the index is maximum offer number. - @return None. - **/ VOID PxeBcCopyProxyOffer ( @@ -109,6 +103,7 @@ PxeBcCopyProxyOffer ( EFI_DHCP4_PACKET *Offer; ASSERT (OfferIndex < Private->NumOffers); + ASSERT (OfferIndex < PXEBC_MAX_OFFER_NUM); Mode = Private->PxeBc.Mode; Offer = &Private->Dhcp4Offers[OfferIndex].Packet.Offer; @@ -532,8 +527,6 @@ PxeBcCheckSelectedOffer ( @param Private Pointer to PxeBc private data. @param RcvdOffer Pointer to the received Dhcp proxy offer packet. - @return None. - **/ VOID PxeBcCacheDhcpOffer ( @@ -624,8 +617,6 @@ PxeBcCacheDhcpOffer ( @param Private Pointer to PxeBc private data. - @return None - **/ VOID PxeBcSelectOffer ( @@ -1465,8 +1456,6 @@ PxeBcParseVendorOptions ( @param Str Pointer to a string (boot item string). @param Len The length of string. - @return None. - **/ VOID PxeBcDisplayBootItem ( diff --git a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h index d1e6ca28d2..103ae2f57d 100644 --- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h +++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcDhcp.h @@ -305,8 +305,6 @@ typedef struct { @param Seed Pointer to the message instance of the DHCP4 packet. @param Udp4 Pointer to the EFI_UDP4_PROTOCOL instance. - @return none. - **/ VOID PxeBcInitSeedPacket ( @@ -447,8 +445,6 @@ PxeBcBuildDhcpOptions ( @param Layer the layer of the boot options @param OptLen length of opotion - @return None. - **/ VOID PxeBcCreateBootOptions ( diff --git a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c index 663d4a0202..4a91f1c3d1 100644 --- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c +++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcImpl.c @@ -84,8 +84,6 @@ UpdateArpCache ( @param Event Pointer to EFI_PXE_BC_PROTOCOL @param Context Context of the timer event - - @return None. **/ VOID @@ -139,8 +137,6 @@ FindInArpCache ( @param Context The PXEBC private data. - @return None. - **/ VOID EFIAPI @@ -233,8 +229,6 @@ Resume: @param Event The event signaled. @param Context The context passed in by the event notifier. - @return None. - **/ VOID EFIAPI diff --git a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.c b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.c index 087c2619aa..0a67fdeda2 100644 --- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.c +++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.c @@ -142,8 +142,6 @@ GetSmbiosSystemGuidAndSerialNumber ( @param Event The event signaled. @param Context The context. - @return None - **/ VOID EFIAPI diff --git a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.h b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.h index deca161bb1..b006e38042 100644 --- a/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.h +++ b/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcSupport.h @@ -38,8 +38,6 @@ GetSmbiosSystemGuidAndSerialNumber ( @param Event The event signaled. @param Context The context. - @return None - **/ VOID EFIAPI -- 2.39.2