Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Cc: Wang Fan <fan.wang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Wu Jiaxin <jiaxin.wu@intel.com>
---
MdeModulePkg/Include/Library/HttpLib.h | 1 +
MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c | 25 ++++++++++++++++++++-----
2 files changed, 21 insertions(+), 5 deletions(-)
diff --git a/MdeModulePkg/Include/Library/HttpLib.h b/MdeModulePkg/Include/Library/HttpLib.h
index 8539820..88b56ae 100644
--- a/MdeModulePkg/Include/Library/HttpLib.h
+++ b/MdeModulePkg/Include/Library/HttpLib.h
@@ -370,10 +370,11 @@ HttpFindHeader (
@param[in] FieldName FieldName of this HttpHeader, a NULL terminated ASCII string.
@param[in] FieldValue FieldValue of this HttpHeader, a NULL terminated ASCII string.
@retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
**/
EFI_STATUS
EFIAPI
diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
index 27b94e3..38ded5d 100644
--- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -1396,10 +1396,14 @@ HttpIsMessageComplete (
IN VOID *MsgParser
)
{
HTTP_BODY_PARSER *Parser;
+ if (MsgParser == NULL) {
+ return FALSE;
+ }
+
Parser = (HTTP_BODY_PARSER*) MsgParser;
if (Parser->State == BodyParserComplete) {
return TRUE;
}
@@ -1497,10 +1501,11 @@ AsciiStrGetNextToken (
@param[in] FieldName FieldName of this HttpHeader, a NULL terminated ASCII string.
@param[in] FieldValue FieldValue of this HttpHeader, a NULL terminated ASCII string.
@retval EFI_SUCCESS The FieldName and FieldValue are set into HttpHeader successfully.
+ @retval EFI_INVALID_PARAMETER The parameter is invalid.
@retval EFI_OUT_OF_RESOURCES Failed to allocate resources.
**/
EFI_STATUS
EFIAPI
@@ -1511,10 +1516,14 @@ HttpSetFieldNameAndValue (
)
{
UINTN FieldNameSize;
UINTN FieldValueSize;
+ if (HttpHeader == NULL || FieldName == NULL || FieldValue == NULL) {
+ return EFI_INVALID_PARAMETER;
+ }
+
if (HttpHeader->FieldName != NULL) {
FreePool (HttpHeader->FieldName);
}
if (HttpHeader->FieldValue != NULL) {
FreePool (HttpHeader->FieldValue);
@@ -1728,14 +1737,10 @@ HttpGenRequestMessage (
VOID *HttpHdr;
EFI_HTTP_HEADER **AppendList;
UINTN Index;
EFI_HTTP_UTILITIES_PROTOCOL *HttpUtilitiesProtocol;
-
- ASSERT (Message != NULL);
-
- *RequestMsg = NULL;
Status = EFI_SUCCESS;
HttpHdrSize = 0;
MsgSize = 0;
Success = FALSE;
HttpHdr = NULL;
@@ -1746,11 +1751,12 @@ HttpGenRequestMessage (
// 1. If we have a Request, we cannot have a NULL Url
// 2. If we have a Request, HeaderCount can not be non-zero
// 3. If we do not have a Request, HeaderCount should be zero
// 4. If we do not have Request and Headers, we need at least a message-body
//
- if ((Message->Data.Request != NULL && Url == NULL) ||
+ if ((Message == NULL || RequestMsg == NULL || RequestMsgSize == NULL) ||
+ (Message->Data.Request != NULL && Url == NULL) ||
(Message->Data.Request != NULL && Message->HeaderCount == 0) ||
(Message->Data.Request == NULL && Message->HeaderCount != 0) ||
(Message->Data.Request == NULL && Message->HeaderCount == 0 && Message->BodyLength == 0)) {
return EFI_INVALID_PARAMETER;
}
@@ -1827,10 +1833,11 @@ HttpGenRequestMessage (
MsgSize += Message->BodyLength;
//
// memory for the string that needs to be sent to TCP
//
+ *RequestMsg = NULL;
*RequestMsg = AllocateZeroPool (MsgSize);
if (*RequestMsg == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Exit;
}
@@ -2052,11 +2059,19 @@ HttpIsValidHttpHeader (
IN CHAR8 *FieldName
)
{
UINTN Index;
+ if (FieldName == NULL) {
+ return FALSE;
+ }
+
for (Index = 0; Index < DeleteCount; Index++) {
+ if (DeleteList[Index] == NULL) {
+ continue;
+ }
+
if (AsciiStrCmp (FieldName, DeleteList[Index]) == 0) {
return FALSE;
}
}
--
1.9.5.msysgit.1
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel