From 33c031ee2092282a069ce07d30202082ceaf61fe Mon Sep 17 00:00:00 2001 From: jcarsey Date: Wed, 30 Mar 2011 19:33:03 +0000 Subject: pointer verification (not NULL) and buffer overrun fixes. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@11459 6f19259b-4bc3-4df7-8a09-765794883524 --- .../Library/UefiShellNetwork1CommandsLib/Ifconfig.c | 21 ++++++++++++++++----- .../Library/UefiShellNetwork1CommandsLib/Ping.c | 2 +- 2 files changed, 17 insertions(+), 6 deletions(-) (limited to 'ShellPkg/Library/UefiShellNetwork1CommandsLib') diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c index 94c9c021ac..3bfdf847de 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ifconfig.c @@ -606,13 +606,19 @@ IfconfigGetAllNicInfoByHii ( // Construct configuration request string header // ConfigHdr = ConstructConfigHdr (&gEfiNicIp4ConfigVariableGuid, EFI_NIC_IP4_CONFIG_VARIABLE, ChildHandle); - Length = StrLen (ConfigHdr); + if (ConfigHdr != NULL) { + Length = StrLen (ConfigHdr); + } else { + Length = 0; + } ConfigResp = AllocateZeroPool ((Length + NIC_ITEM_CONFIG_SIZE * 2 + 100) * sizeof (CHAR16)); if (ConfigResp == NULL) { Status = EFI_OUT_OF_RESOURCES; goto ON_ERROR; } - StrCpy (ConfigResp, ConfigHdr); + if (ConfigHdr != NULL) { + StrCpy (ConfigResp, ConfigHdr); + } // // Append OFFSET/WIDTH pair @@ -772,10 +778,15 @@ IfconfigSetNicAddrByHii ( // Construct config request string header // ConfigHdr = ConstructConfigHdr (&gEfiNicIp4ConfigVariableGuid, EFI_NIC_IP4_CONFIG_VARIABLE, ChildHandle); - - Length = StrLen (ConfigHdr); + if (ConfigHdr != NULL) { + Length = StrLen (ConfigHdr); + } else { + Length = 0; + } ConfigResp = AllocateZeroPool ((Length + NIC_ITEM_CONFIG_SIZE * 2 + 100) * sizeof (CHAR16)); - StrCpy (ConfigResp, ConfigHdr); + if (ConfigHdr != NULL) { + StrCpy (ConfigResp, ConfigHdr); + } NicConfig = AllocateZeroPool (NIC_ITEM_CONFIG_SIZE); if (NicConfig == NULL) { diff --git a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c index 493de26f8a..7982f99c57 100644 --- a/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c +++ b/ShellPkg/Library/UefiShellNetwork1CommandsLib/Ping.c @@ -883,7 +883,7 @@ PingCreateIpInstance ( &HandleNum, &HandleBuffer ); - if (EFI_ERROR (Status) || (HandleNum == 0)) { + if (EFI_ERROR (Status) || (HandleNum == 0) || (HandleBuffer == NULL)) { return EFI_ABORTED; } // -- cgit v1.2.3