Reviewed-by: Ye Ting <ting...@intel.com> -----Original Message----- From: Wu, Jiaxin Sent: Friday, April 21, 2017 10:21 AM To: edk2-devel@lists.01.org Cc: Ye, Ting <ting...@intel.com>; Fu, Siyuan <siyuan...@intel.com>; Wu, Jiaxin <jiaxin...@intel.com> Subject: [Patch] MdeModulePkg/Mtftp4Dxe: Add invalid ServerIp check during MTFTP configuration
Cc: Ye Ting <ting...@intel.com> Cc: Fu Siyuan <siyuan...@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Wu Jiaxin <jiaxin...@intel.com> --- MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c b/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c index 5494231..54384e1 100644 --- a/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c +++ b/MdeModulePkg/Universal/Network/Mtftp4Dxe/Mtftp4Impl.c @@ -1,10 +1,10 @@ /** @file Interface routine for Mtftp4. (C) Copyright 2014 Hewlett-Packard Development Company, L.P.<BR> -Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php<BR> @@ -665,10 +665,14 @@ EfiMtftp4Configure ( Ip = NTOHL (Ip); Netmask = NTOHL (Netmask); Gateway = NTOHL (Gateway); ServerIp = NTOHL (ServerIp); + if (ServerIp == 0 || IP4_IS_LOCAL_BROADCAST (ServerIp)) { + return EFI_INVALID_PARAMETER; + } + if (!ConfigData->UseDefaultSetting && ((!IP4_IS_VALID_NETMASK (Netmask) || (Netmask != 0 && !NetIp4IsUnicast (Ip, Netmask))))) { return EFI_INVALID_PARAMETER; } -- 1.9.5.msysgit.1 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
