summaryrefslogtreecommitdiff
path: root/MdeModulePkg
diff options
context:
space:
mode:
authorqianouyang <qianouyang@6f19259b-4bc3-4df7-8a09-765794883524>2011-06-14 09:45:59 +0000
committerqianouyang <qianouyang@6f19259b-4bc3-4df7-8a09-765794883524>2011-06-14 09:45:59 +0000
commit94b928ca595def75b918daacdefb70832b28882d (patch)
tree0702503ae527c5f129de321a74282aaed6dc0af9 /MdeModulePkg
parent08cd970203c092f4460ebb4f227745b69a633824 (diff)
downloadedk2-platforms-94b928ca595def75b918daacdefb70832b28882d.tar.xz
1. In IPv4 and IPv6 driver, before calling IPsec, a new NET_FRAGMENT structure is allocated and then passed to IPsec, it should be released after it is done to avoid the memory leak.
2. In IPsec driver it wrongly use the HeadLen to calculate the IP header length after the IPsec process. Correct this mistake. Signed-off-by: qianouyang Reviewed-by: jjin9 Reviewed-by: ZhangCaoIntel git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11824 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg')
-rw-r--r--MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c38
1 files changed, 29 insertions, 9 deletions
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
index cfa13e45cb..9cd1ae5cfc 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Input.c
@@ -1,7 +1,7 @@
/** @file
IP4 input process.
-Copyright (c) 2005 - 2010, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2005 - 2011, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -583,11 +583,21 @@ Ip4IpSecProcessPacket (
Ip4NtohHead (*Head);
if (EFI_ERROR (Status)) {
+ FreePool (OriginalFragmentTable);
goto ON_EXIT;
}
if (OriginalFragmentTable == FragmentTable && OriginalFragmentCount == FragmentCount) {
+ //
+ // For ByPass Packet
+ //
+ FreePool (FragmentTable);
goto ON_EXIT;
+ } else {
+ //
+ // Free the FragmentTable which allocated before calling the IPsec.
+ //
+ FreePool (OriginalFragmentTable);
}
if (Direction == EfiIPsecOutBound && TxWrap != NULL) {
@@ -602,6 +612,11 @@ Ip4IpSecProcessPacket (
TxWrap
);
if (TxWrap->Packet == NULL) {
+ //
+ // Recover the TxWrap->Packet, if meet a error, and the caller will free
+ // the TxWrap.
+ //
+ TxWrap->Packet = *Netbuf;
Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
@@ -617,6 +632,8 @@ Ip4IpSecProcessPacket (
IpSecWrap = AllocateZeroPool (sizeof (IP4_IPSEC_WRAP));
if (IpSecWrap == NULL) {
+ Status = EFI_OUT_OF_RESOURCES;
+ gBS->SignalEvent (RecycleEvent);
goto ON_EXIT;
}
@@ -632,6 +649,9 @@ Ip4IpSecProcessPacket (
);
if (Packet == NULL) {
+ Packet = IpSecWrap->Packet;
+ gBS->SignalEvent (RecycleEvent);
+ FreePool (IpSecWrap);
Status = EFI_OUT_OF_RESOURCES;
goto ON_EXIT;
}
@@ -848,11 +868,11 @@ Ip4AccpetFrame (
// and no need consider any other ahead ext headers.
//
Status = Ip4IpSecProcessPacket (
- IpSb,
- &Head,
- &Packet,
+ IpSb,
+ &Head,
+ &Packet,
&Option,
- &OptionLen,
+ &OptionLen,
EfiIPsecInBound,
NULL
);
@@ -872,11 +892,11 @@ Ip4AccpetFrame (
//
Head = (IP4_HEAD *) NetbufGetByte (Packet, 0, NULL);
Status = Ip4PreProcessPacket (
- IpSb,
- &Packet,
- Head,
+ IpSb,
+ &Packet,
+ Head,
Option,
- OptionLen,
+ OptionLen,
Flag
);
if (EFI_ERROR (Status)) {