This patch is to resolve the lock-up issue if the value of HTTP header
is blank. The issue is recorded @
https://bugzilla.tianocore.org/show_bug.cgi?id=1102.
Cc: Stephen Benjamin <step...@redhat.com>
Cc: Laszlo Ersek <ler...@redhat.com>
Cc: Ye Ting <ting...@intel.com>
Cc: Fu Siyuan <siyuan...@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Wu Jiaxin <jiaxin...@intel.com>
---
MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c | 57 +++++++++++++++-----
1 file changed, 44 insertions(+), 13 deletions(-)
diff --git a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
index 5fbb50d03a..2fc3da8a2d 100644
--- a/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
+++ b/MdeModulePkg/Library/DxeHttpLib/DxeHttpLib.c
@@ -1595,63 +1595,94 @@ HttpGetFieldNameAndValue (
return NULL;
}
//
// Each header field consists of a name followed by a colon (":") and the
field value.
+ // The field value MAY be preceded by any amount of LWS, though a single SP
is preferred.
+ //
+ // message-header = field-name ":" [ field-value ]
+ // field-name = token
+ // field-value = *( field-content | LWS )
+ //
+ // Note: "*(element)" allows any number element, including zero;
"1*(element)" requires at least one element.
+ // [element] means element is optional.
+ // LWS = [CRLF] 1*(SP|HT), it can be ' ' or '\t' or '\r\n ' or
'\r\n\t'.
+ // CRLF = '\r\n'.
+ // SP = ' '.
+ // HT = '\t' (Tab).
//
FieldNameStr = String;
FieldValueStr = AsciiStrGetNextToken (FieldNameStr, ':');
if (FieldValueStr == NULL) {
return NULL;
}
//
- // Replace ':' with 0
+ // Replace ':' with 0, then FieldName has been retrived from String.
//
*(FieldValueStr - 1) = 0;
//
- // The field value MAY be preceded by any amount of LWS, though a single SP
is preferred.
- // Note: LWS = [CRLF] 1*(SP|HT), it can be '\r\n ' or '\r\n\t' or ' ' or
'\t'.
- // CRLF = '\r\n'.
- // SP = ' '.
- // HT = '\t' (Tab).
+ // Handle FieldValueStr, skip all the preceded LWS.
//
while (TRUE) {
if (*FieldValueStr == ' ' || *FieldValueStr == '\t') {
//
// Boundary condition check.
//
if ((UINTN) EndofHeader - (UINTN) FieldValueStr < 1) {
+ //
+ // Wrong String format!
+ //
return NULL;
}
FieldValueStr ++;
} else if (*FieldValueStr == '\r') {
//
// Boundary condition check.
//
if ((UINTN) EndofHeader - (UINTN) FieldValueStr < 3) {
- return NULL;
+ //
+ // No more preceded LWS, so break here.
+ //
+ break;
}
- if (*(FieldValueStr + 1) == '\n' && (*(FieldValueStr + 2) == ' ' ||
*(FieldValueStr + 2) == '\t')) {
- FieldValueStr = FieldValueStr + 3;
+ if (*(FieldValueStr + 1) == '\n' ) {
+ if (*(FieldValueStr + 2) == ' ' || *(FieldValueStr + 2) == '\t') {
+ FieldValueStr = FieldValueStr + 3;
+ } else {
+ //
+ // No more preceded LWS, so break here.
+ //
+ break;
+ }
+ } else {
+ //
+ // Wrong String format!
+ //
+ return NULL;
}
} else {
+ //
+ // No more preceded LWS, so break here.
+ //
break;
}
}
- //
- // Header fields can be extended over multiple lines by preceding each extra
- // line with at least one SP or HT.
- //
StrPtr = FieldValueStr;
do {
+ //
+ // Handle the LWS within the field value.
+ //
StrPtr = AsciiStrGetNextToken (StrPtr, '\r');
if (StrPtr == NULL || *StrPtr != '\n') {
+ //
+ // Wrong String format!
+ //
return NULL;
}
StrPtr++;
} while (*StrPtr == ' ' || *StrPtr == '\t');
--
2.17.1.windows.2
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel
