MdeModulePkg/Ip4Dxe: Add wrong/invalid subnet check
v2:
* Separate out the return status fix.
* Replace IP4_MASK_MAX with IP4_MASK_NUM.
* Remove the ON_EXIT label.
This patch is used to add the wrong/invalid subnet check.
Cc: Santhapur Naveen <naveens@amiindia.co.in>
Cc: Laszlo Ersek <lersek@redhat.com>
Cc: Ye Ting <ting.ye@intel.com>
Cc: Fu Siyuan <siyuan.fu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiaxin Wu <jiaxin.wu@intel.com>
Reviewed-by: Ye Ting <ting.ye@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
index a931bb3..5b01b35 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4Config2Impl.c
@@ -1255,6 +1255,13 @@
NewAddress = *((EFI_IP4_CONFIG2_MANUAL_ADDRESS *) Data);
+ StationAddress = EFI_NTOHL (NewAddress.Address);
+ SubnetMask = EFI_NTOHL (NewAddress.SubnetMask);
+
+ if (NetGetMaskLength (SubnetMask) == IP4_MASK_NUM) {
+ return EFI_INVALID_PARAMETER;
+ }
+
//
// Store the new data, and init the DataItem status to EFI_NOT_READY because
// we may have an asynchronous configuration process.
@@ -1273,9 +1280,6 @@
DataItem->DataSize = DataSize;
DataItem->Status = EFI_NOT_READY;
- StationAddress = EFI_NTOHL (NewAddress.Address);
- SubnetMask = EFI_NTOHL (NewAddress.SubnetMask);
-
IpSb->Reconfig = TRUE;
Status = Ip4Config2SetDefaultAddr (IpSb, StationAddress, SubnetMask);
if (EFI_ERROR (Status)) {
diff --git a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
index 9cd5dd5..b0cc6a3 100644
--- a/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
+++ b/MdeModulePkg/Universal/Network/Ip4Dxe/Ip4If.c
@@ -564,6 +564,11 @@
NET_CHECK_SIGNATURE (Interface, IP4_INTERFACE_SIGNATURE);
+ Len = NetGetMaskLength (SubnetMask);
+ if (Len == IP4_MASK_NUM) {
+ return EFI_INVALID_PARAMETER;
+ }
+
//
// Set the ip/netmask, then compute the subnet broadcast
// and network broadcast for easy access. When computing
@@ -575,9 +580,6 @@
Interface->Ip = IpAddr;
Interface->SubnetMask = SubnetMask;
Interface->SubnetBrdcast = (IpAddr | ~SubnetMask);
-
- Len = NetGetMaskLength (SubnetMask);
- ASSERT (Len <= IP4_MASK_MAX);
Interface->NetBrdcast = (IpAddr | ~SubnetMask);
//