NetworkPkg: Avoid potential NULL pointer dereference

The commit of 6b16c9e7 removes ASSERT and use error handling in IpSecDxe driver, but may cause the potential NULL pointer dereference. So, this patch is used to avoid NULL pointer dereference. Cc: Ye Ting <ting.ye@intel.com> Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Zhang Lubo <lubo.zhang@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com> Reviewed-by: Ye Ting <ting.ye@intel.com>
2016-06-24 15:19:44 +08:00
parent 9252d67ab3
commit 6771c1d658
5 changed files with 195 additions and 15 deletions
--- a/NetworkPkg/IpSecDxe/IkePacket.c
+++ b/NetworkPkg/IpSecDxe/IkePacket.c
@@ -1,7 +1,7 @@
 /** @file
  IKE Packet related operation.

-  Copyright (c) 2010, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2010 - 2016, Intel Corporation. All rights reserved.<BR>

  This program and the accompanying materials
  are licensed and made available under the terms and conditions of the BSD License
@@ -195,6 +195,9 @@ IkeNetbufFromPacket (
  LIST_ENTRY    *PacketEntry;
  LIST_ENTRY    *Entry;
  IKE_PAYLOAD   *IkePayload;
+  EFI_STATUS    RetStatus;
+
+  RetStatus = EFI_SUCCESS;

  if (!IkePacket->IsEncoded) {
    IkePacket->IsEncoded = TRUE;
@@ -203,10 +206,14 @@ IkeNetbufFromPacket (
    // Encryption payloads if needed
    //
    if (((IKEV2_SESSION_COMMON *) SessionCommon)->IkeVer == 2) {
-      Ikev2EncodePacket ((IKEV2_SESSION_COMMON *) SessionCommon, IkePacket, IkeType);
+      RetStatus = Ikev2EncodePacket ((IKEV2_SESSION_COMMON *) SessionCommon, IkePacket, IkeType);
+      if (EFI_ERROR (RetStatus)) {
+        return NULL;
+      }
+      
    } else {
      //
-      //If IKEv1 support, check it here.
+      // If IKEv1 support, check it here.
      //
      return NULL;
    }