From 47b27101845c3ba525d1123fc87fa6cd5650ff77 Mon Sep 17 00:00:00 2001 From: qianouyang Date: Tue, 31 May 2011 02:03:57 +0000 Subject: [PATCH] Update the IPsec driver to check in invalid parameter of ProcessExt() according to UEFI Spec. Signed-off-by: qianouyang Reviewed-by: jjin9 git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11714 6f19259b-4bc3-4df7-8a09-765794883524 --- NetworkPkg/IpSecDxe/IpSecImpl.c | 38 ++++++++++++++++----------------- NetworkPkg/IpSecDxe/IpSecImpl.h | 18 ++++++++-------- NetworkPkg/IpSecDxe/IpSecMain.c | 9 +++++++- 3 files changed, 36 insertions(+), 29 deletions(-) diff --git a/NetworkPkg/IpSecDxe/IpSecImpl.c b/NetworkPkg/IpSecDxe/IpSecImpl.c index 7ccbfa25ee..63abfa6ba6 100644 --- a/NetworkPkg/IpSecDxe/IpSecImpl.c +++ b/NetworkPkg/IpSecDxe/IpSecImpl.c @@ -1,7 +1,7 @@ /** @file The implementation of IPsec. - Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -1188,8 +1188,8 @@ IpSecTunnelInboundPacket ( @param[in] IpVersion The version of IP. @param[in] SadData The related SAD data. @param[in, out] LastHead The Last Header in IP header. - @param[in] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in] OptionsLength Length of the options buffer. It is optional. + @param[in] OptionsBuffer Pointer to the options buffer. + @param[in] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments to be protected by IPsec on input, and with IPsec protected on return. @@ -1360,8 +1360,8 @@ IpSecTunnelOutboundPacket ( to be trimed on input, and without ESP header on return. @param[out] LastHead The Last Header in IP header on return. - @param[in, out] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in, out] OptionsLength Length of the options buffer. It is optional. + @param[in, out] OptionsBuffer Pointer to the options buffer. + @param[in, out] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments in the form of IPsec protected on input, and without IPsec protected on return. @@ -1382,8 +1382,8 @@ IpSecEspInboundPacket ( IN UINT8 IpVersion, IN OUT VOID *IpHead, OUT UINT8 *LastHead, - IN OUT VOID **OptionsBuffer, OPTIONAL - IN OUT UINT32 *OptionsLength, OPTIONAL + IN OUT VOID **OptionsBuffer, + IN OUT UINT32 *OptionsLength, IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable, IN OUT UINT32 *FragmentCount, OUT EFI_IPSEC_SPD_SELECTOR **SpdSelector, @@ -1647,8 +1647,8 @@ ON_EXIT: to be processed on input, and inserted ESP header on return. @param[in, out] LastHead The Last Header in IP header. - @param[in, out] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in, out] OptionsLength Length of the options buffer. It is optional. + @param[in, out] OptionsBuffer Pointer to the options buffer. + @param[in, out] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments to be protected by IPsec on input, and with IPsec protected on return. @@ -1665,8 +1665,8 @@ IpSecEspOutboundPacket ( IN UINT8 IpVersion, IN OUT VOID *IpHead, IN OUT UINT8 *LastHead, - IN OUT VOID **OptionsBuffer, OPTIONAL - IN OUT UINT32 *OptionsLength, OPTIONAL + IN OUT VOID **OptionsBuffer, + IN OUT UINT32 *OptionsLength, IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable, IN OUT UINT32 *FragmentCount, IN IPSEC_SAD_ENTRY *SadEntry, @@ -2046,8 +2046,8 @@ ON_EXIT: to be trimed on input, and without ESP/AH header on return. @param[in, out] LastHead The Last Header in IP header on return. - @param[in, out] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in, out] OptionsLength Length of the options buffer. It is optional. + @param[in, out] OptionsBuffer Pointer to the options buffer. + @param[in, out] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments in form of IPsec protected on input, and without IPsec protected on return. @@ -2064,8 +2064,8 @@ IpSecProtectInboundPacket ( IN UINT8 IpVersion, IN OUT VOID *IpHead, IN OUT UINT8 *LastHead, - IN OUT VOID **OptionsBuffer, OPTIONAL - IN OUT UINT32 *OptionsLength, OPTIONAL + IN OUT VOID **OptionsBuffer, + IN OUT UINT32 *OptionsLength, IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable, IN OUT UINT32 *FragmentCount, OUT EFI_IPSEC_SPD_SELECTOR **SpdEntry, @@ -2105,8 +2105,8 @@ IpSecProtectInboundPacket ( to be processed on input, and inserted ESP/AH header on return. @param[in, out] LastHead The Last Header in IP header. - @param[in, out] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in, out] OptionsLength Length of the options buffer. It is optional. + @param[in, out] OptionsBuffer Pointer to the options buffer. + @param[in, out] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments to be protected by IPsec on input, and with IPsec protected on return. @@ -2123,8 +2123,8 @@ IpSecProtectOutboundPacket ( IN UINT8 IpVersion, IN OUT VOID *IpHead, IN OUT UINT8 *LastHead, - IN OUT VOID **OptionsBuffer, OPTIONAL - IN OUT UINT32 *OptionsLength, OPTIONAL + IN OUT VOID **OptionsBuffer, + IN OUT UINT32 *OptionsLength, IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable, IN OUT UINT32 *FragmentCount, IN IPSEC_SAD_ENTRY *SadEntry, diff --git a/NetworkPkg/IpSecDxe/IpSecImpl.h b/NetworkPkg/IpSecDxe/IpSecImpl.h index 4237119d93..ff7a189395 100644 --- a/NetworkPkg/IpSecDxe/IpSecImpl.h +++ b/NetworkPkg/IpSecDxe/IpSecImpl.h @@ -1,7 +1,7 @@ /** @file The definitions related to IPsec protocol implementation. - Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -158,8 +158,8 @@ struct _IPSEC_PRIVATE_DATA { to be trimed on input, and without ESP/AH header on return. @param[in, out] LastHead The Last Header in IP header on return. - @param[in, out] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in, out] OptionsLength Length of the options buffer. It is optional. + @param[in, out] OptionsBuffer Pointer to the options buffer. + @param[in, out] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments in form of IPsec protected on input, and without IPsec protected on return. @@ -176,8 +176,8 @@ IpSecProtectInboundPacket ( IN UINT8 IpVersion, IN OUT VOID *IpHead, IN OUT UINT8 *LastHead, - IN OUT VOID **OptionsBuffer, OPTIONAL - IN OUT UINT32 *OptionsLength, OPTIONAL + IN OUT VOID **OptionsBuffer, + IN OUT UINT32 *OptionsLength, IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable, IN OUT UINT32 *FragmentCount, OUT EFI_IPSEC_SPD_SELECTOR **SpdEntry, @@ -196,8 +196,8 @@ IpSecProtectInboundPacket ( to be processed on input, and inserted ESP/AH header on return. @param[in, out] LastHead The Last Header in IP header. - @param[in, out] OptionsBuffer Pointer to the options buffer. It is optional. - @param[in, out] OptionsLength Length of the options buffer. It is optional. + @param[in, out] OptionsBuffer Pointer to the options buffer. + @param[in, out] OptionsLength Length of the options buffer. @param[in, out] FragmentTable Pointer to a list of fragments to be protected by IPsec on input, and with IPsec protected on return. @@ -214,8 +214,8 @@ IpSecProtectOutboundPacket ( IN UINT8 IpVersion, IN OUT VOID *IpHead, IN OUT UINT8 *LastHead, - IN OUT VOID **OptionsBuffer, OPTIONAL - IN OUT UINT32 *OptionsLength, OPTIONAL + IN OUT VOID **OptionsBuffer, + IN OUT UINT32 *OptionsLength, IN OUT EFI_IPSEC_FRAGMENT_DATA **FragmentTable, IN OUT UINT32 *FragmentCount, IN IPSEC_SAD_ENTRY *SadEntry, diff --git a/NetworkPkg/IpSecDxe/IpSecMain.c b/NetworkPkg/IpSecDxe/IpSecMain.c index f98f809ab8..a2fefa70d7 100644 --- a/NetworkPkg/IpSecDxe/IpSecMain.c +++ b/NetworkPkg/IpSecDxe/IpSecMain.c @@ -1,7 +1,7 @@ /** @file The mian interface of IPsec Protocol. - Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.
+ Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License @@ -70,6 +70,13 @@ IpSecProcess ( UINT8 OldLastHead; BOOLEAN IsOutbound; + if (OptionsBuffer == NULL || + OptionsLength == NULL || + FragmentTable == NULL || + FragmentCount == NULL + ) { + return EFI_INVALID_PARAMETER; + } Private = IPSEC_PRIVATE_DATA_FROM_IPSEC (This); IpPayload = (*FragmentTable)[0].FragmentBuffer; IsOutbound = (BOOLEAN) ((TrafficDirection == EfiIPsecOutBound) ? TRUE : FALSE); -- 2.39.2