diff options
| author | Siyuan Fu <siyuan.fu@intel.com> | 2020-02-21 10:14:18 +0800 |
|---|---|---|
| committer | mergify[bot] <37929162+mergify[bot]@users.noreply.github.com> | 2020-02-21 03:01:57 +0000 |
| commit | 1d3215fd24f47eaa4877542a59b4bbf5afc0cfe8 (patch) | |
| tree | 9ccb4188e674efd81298daf8dd6d50a72ce35cc5 /NetworkPkg | |
| parent | b85048261aa5dc0b8fd98ddc4431d8c2a6389b25 (diff) | |
| download | edk2-1d3215fd24f47eaa4877542a59b4bbf5afc0cfe8.tar.gz edk2-1d3215fd24f47eaa4877542a59b4bbf5afc0cfe8.tar.bz2 edk2-1d3215fd24f47eaa4877542a59b4bbf5afc0cfe8.zip | |
NetworkPkg/ArpDxe: Recycle invalid ARP packets (CVE-2019-14559)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2031
This patch triggers the RecycleEvent for invalid ARP packets.
Prior to this, we would just ignore invalid ARP packets,
and never free them.
Cc: Jiaxin Wu <jiaxin.wu@intel.com>
Cc: Maciej Rabeda <maciej.rabeda@linux.intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Signed-off-by: Nicholas Armour <nicholas.armour@intel.com>
Reviewed-by: Siyuan Fu <siyuan.fu@intel.com>
Diffstat (limited to 'NetworkPkg')
| -rw-r--r-- | NetworkPkg/ArpDxe/ArpImpl.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/NetworkPkg/ArpDxe/ArpImpl.c b/NetworkPkg/ArpDxe/ArpImpl.c index 9cdb33f2bd..ed2d756d3e 100644 --- a/NetworkPkg/ArpDxe/ArpImpl.c +++ b/NetworkPkg/ArpDxe/ArpImpl.c @@ -1,7 +1,7 @@ /** @file
The implementation of the ARP protocol.
-Copyright (c) 2006 - 2018, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2006 - 2020, Intel Corporation. All rights reserved.<BR>
SPDX-License-Identifier: BSD-2-Clause-Patent
**/
@@ -113,7 +113,7 @@ ArpOnFrameRcvdDpc ( //
// Restart the receiving if packet size is not correct.
//
- goto RESTART_RECEIVE;
+ goto RECYCLE_RXDATA;
}
//
@@ -125,7 +125,7 @@ ArpOnFrameRcvdDpc ( Head->OpCode = NTOHS (Head->OpCode);
if (RxData->DataLength < (sizeof (ARP_HEAD) + 2 * Head->HwAddrLen + 2 * Head->ProtoAddrLen)) {
- goto RESTART_RECEIVE;
+ goto RECYCLE_RXDATA;
}
if ((Head->HwType != ArpService->SnpMode.IfType) ||
|