NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow. - edk2 - Cross-platform firmware development environment

diff options

author	Li, Songpeng <songpeng.li@intel.com>	2018-09-28 11:02:35 +0800
committer	Fu Siyuan <siyuan.fu@intel.com>	2018-09-29 10:51:37 +0800
commit	130e62928449ba35375282e045aecb8cc29697ec (patch)
tree	617b1d63127ec06e9a94f4c3b6733ebb8d870804 /BaseTools/Source/Python/Table
parent	2239ea71b65072ce3c76d56e7074d2ee60ba1762 (diff)
download	edk2-130e62928449ba35375282e045aecb8cc29697ec.tar.gz edk2-130e62928449ba35375282e045aecb8cc29697ec.tar.bz2 edk2-130e62928449ba35375282e045aecb8cc29697ec.zip

NetworkPkg/HttpUtilitiesDxe: fix read memory access overflow.

The input param String of AsciiStrStr() requires a pointer to Null-terminated string, however in HttpUtilitiesParse(), the Buffersize before AllocateZeroPool() is equal to the size of TCP header, after the CopyMem(), it might not end with Null-terminator. It might cause memory access overflow. Cc: Fu Siyuan <siyuan.fu@intel.com> Cc: Wu Jiaxin <jiaxin.wu@intel.com> Ref: https://bugzilla.tianocore.org/show_bug.cgi?id=1204 Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Songpeng Li <songpeng.li@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>

Diffstat (limited to 'BaseTools/Source/Python/Table')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: