add security check.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@8680 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
vanjeff
2009-06-29 09:19:25 +00:00
parent f2a064736d
commit 894d038a8d
22 changed files with 90 additions and 40 deletions

View File

@@ -274,6 +274,7 @@ PxeBcTryBinl (
PXEBC_CACHED_DHCP4_PACKET *CachedPacket;
EFI_DHCP4_PACKET *Reply;
ASSERT (Index < PXEBC_MAX_OFFER_NUM);
ASSERT (Private->Dhcp4Offers[Index].OfferType == DHCP4_PACKET_TYPE_BINL);
Offer = &Private->Dhcp4Offers[Index].Packet.Offer;
@@ -560,6 +561,7 @@ PxeBcCacheDhcpOffer (
}
OfferType = CachedOffer->OfferType;
ASSERT (OfferType < DHCP4_PACKET_TYPE_MAX);
if (OfferType == DHCP4_PACKET_TYPE_BOOTP) {
@@ -603,6 +605,7 @@ PxeBcCacheDhcpOffer (
//
// It's a dhcp offer with your address.
//
ASSERT (Private->ServerCount[OfferType] < PXEBC_MAX_OFFER_NUM);
Private->OfferIndex[OfferType][Private->ServerCount[OfferType]] = Private->NumOffers;
Private->ServerCount[OfferType]++;
}
@@ -1119,6 +1122,7 @@ PxeBcDiscvBootService (
EFI_DHCP4_HEADER *DhcpHeader;
UINT32 Xid;
ASSERT (IsDiscv && (Layer != NULL));
Mode = Private->PxeBc.Mode;
Dhcp4 = Private->Dhcp4;
@@ -1717,15 +1721,21 @@ PxeBcSelectBootMenu (
MenuSize = VendorOpt->BootMenuLen;
MenuItem = VendorOpt->BootMenu;
if (MenuSize == 0) {
return EFI_NOT_READY;
}
while (MenuSize > 0) {
MenuArray[Index] = MenuItem;
MenuSize = (UINT8) (MenuSize - (MenuItem->DescLen + 3));
MenuItem = (PXEBC_BOOT_MENU_ENTRY *) ((UINT8 *) MenuItem + MenuItem->DescLen + 3);
Index++;
if (Index++ > (PXEBC_MAX_MENU_NUM - 1)) {
break;
}
}
if (UseDefaultItem) {
CopyMem (Type, &MenuArray[0]->Type, sizeof (UINT16));
*Type = MenuArray[0]->Type;
*Type = NTOHS (*Type);
return EFI_SUCCESS;
}

View File

@@ -1432,6 +1432,8 @@ CheckIpByFilter (
return TRUE;
}
ASSERT (PxeBcMode->IpFilter.IpCnt < EFI_PXE_BASE_CODE_MAX_IPCNT);
for (Index = 0; Index < PxeBcMode->IpFilter.IpCnt; Index++) {
CopyMem (
&Ip4Address,
@@ -1755,20 +1757,20 @@ EfiPxeBcSetIpFilter (
BOOLEAN PromiscuousNeed;
if (This == NULL) {
DEBUG ((EFI_D_ERROR, "BC *This pointer == NULL.\n"));
DEBUG ((EFI_D_ERROR, "This == NULL.\n"));
return EFI_INVALID_PARAMETER;
}
Private = PXEBC_PRIVATE_DATA_FROM_PXEBC (This);
Mode = Private->PxeBc.Mode;
if (Private == NULL) {
DEBUG ((EFI_D_ERROR, "PXEBC_PRIVATE_DATA poiner == NULL.\n"));
if (NewFilter == NULL) {
DEBUG ((EFI_D_ERROR, "NewFilter == NULL.\n"));
return EFI_INVALID_PARAMETER;
}
if (NewFilter == NULL) {
DEBUG ((EFI_D_ERROR, "IP Filter *NewFilter == NULL.\n"));
if (NewFilter->IpCnt > EFI_PXE_BASE_CODE_MAX_IPCNT) {
DEBUG ((EFI_D_ERROR, "NewFilter->IpCnt > %d.\n", EFI_PXE_BASE_CODE_MAX_IPCNT));
return EFI_INVALID_PARAMETER;
}
@@ -1778,6 +1780,7 @@ EfiPxeBcSetIpFilter (
}
PromiscuousNeed = FALSE;
for (Index = 0; Index < NewFilter->IpCnt; ++Index) {
if (IP4_IS_LOCAL_BROADCAST (EFI_IP4 (NewFilter->IpList[Index].v4))) {
//

View File

@@ -250,9 +250,10 @@ CvtNum (
{
UINTN Remainder;
while (Length-- > 0) {
while (Length > 0) {
Remainder = Number % 10;
Number /= 10;
Length--;
Buffer[Length] = (UINT8) ('0' + Remainder);
}
}