Discussion:
[edk2] [PATCH 1/2] MdePkg UefiDevicePathLib: Use safe string functions
Hao Wu
2015-06-19 00:37:20 UTC
Permalink
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <***@intel.com>
Reviewed-by: Liming Gao <***@intel.com>
---
MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c | 18 ++++++++++++++----
1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c b/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c
index d58f069..2ad0463 100644
--- a/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c
+++ b/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c
@@ -2596,7 +2596,7 @@ DevPathFromTextUsbWwid (
UsbWwid->VendorId = (UINT16) Strtoi (VIDStr);
UsbWwid->ProductId = (UINT16) Strtoi (PIDStr);
UsbWwid->InterfaceNumber = (UINT16) Strtoi (InterfaceNumStr);
- StrnCpy ((CHAR16 *) ((UINT8 *) UsbWwid + sizeof (USB_WWID_DEVICE_PATH)), SerialNumberStr, SerialNumberStrLen);
+ CopyMem ((CHAR16 *) ((UINT8 *) UsbWwid + sizeof (USB_WWID_DEVICE_PATH)), SerialNumberStr, SerialNumberStrLen);

return (EFI_DEVICE_PATH_PROTOCOL *) UsbWwid;
}
@@ -2759,8 +2759,18 @@ DevPathFromTextBluetooth (
if (TempNumBuffer == NULL) {
break;
}
- StrnCpy (TempNumBuffer, L"0x", TempBufferSize / sizeof (CHAR16));
- StrnCat (TempNumBuffer + StrLen (L"0x"), Walker, TempBufferSize / sizeof (CHAR16) - StrLen (L"0x") );
+ StrnCpyS (
+ TempNumBuffer,
+ TempBufferSize / sizeof (CHAR16),
+ L"0x",
+ TempBufferSize / sizeof (CHAR16) - 1
+ );
+ StrnCatS (
+ TempNumBuffer + StrLen (L"0x"),
+ TempBufferSize / sizeof (CHAR16) - StrLen (L"0x"),
+ Walker,
+ TempBufferSize / sizeof (CHAR16) - StrLen (L"0x") - 1
+ );
BluetoothDp->BD_ADDR.Address[Index] = (UINT8)Strtoi (TempNumBuffer);
FreePool (TempNumBuffer);
Index--;
@@ -2982,7 +2992,7 @@ DevPathFromTextFilePath (
(UINT16) (sizeof (FILEPATH_DEVICE_PATH) + StrLen (TextDeviceNode) * 2)
);

- StrCpy (File->PathName, TextDeviceNode);
+ StrCpyS (File->PathName, StrLen (TextDeviceNode) + 1, TextDeviceNode);

return (EFI_DEVICE_PATH_PROTOCOL *) File;
}
--
1.9.5.msysgit.0


------------------------------------------------------------------------------
Hao Wu
2015-06-19 00:37:21 UTC
Permalink
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <***@intel.com>
Reviewed-by: Liming Gao <***@intel.com>
---
MdePkg/Library/UefiLib/Console.c | 6 +++---
MdePkg/Library/UefiLib/UefiLibPrint.c | 4 ++--
2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/MdePkg/Library/UefiLib/Console.c b/MdePkg/Library/UefiLib/Console.c
index 73f9915..ecaf425 100644
--- a/MdePkg/Library/UefiLib/Console.c
+++ b/MdePkg/Library/UefiLib/Console.c
@@ -1,7 +1,7 @@
/** @file
This module provide help function for displaying unicode string.

- Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -517,8 +517,8 @@ CreatePopUp (
UefiLibGetStringWidth (String, TRUE, MaxLength, &Length);
TmpString = AllocateZeroPool ((Length + 1) * sizeof (CHAR16));
ASSERT (TmpString != NULL);
- StrnCpy(TmpString, String, Length - 3);
- StrCat (TmpString, L"...");
+ StrnCpyS (TmpString, Length + 1, String, Length - 3);
+ StrCatS (TmpString, Length + 1, L"...");

ConOut->SetCursorPosition (ConOut, Column + 1, Row++);
ConOut->OutputString (ConOut, TmpString);
diff --git a/MdePkg/Library/UefiLib/UefiLibPrint.c b/MdePkg/Library/UefiLib/UefiLibPrint.c
index 1bf6d26..aade19a 100644
--- a/MdePkg/Library/UefiLib/UefiLibPrint.c
+++ b/MdePkg/Library/UefiLib/UefiLibPrint.c
@@ -2,7 +2,7 @@
Mde UEFI library API implementation.
Print to StdErr or ConOut defined in EFI_SYSTEM_TABLE

- Copyright (c) 2007 - 2012, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -761,7 +761,7 @@ CatVSPrint (
}

if (String != NULL) {
- StrCpy(BufferToReturn, String);
+ StrCpyS(BufferToReturn, SizeRequired / sizeof(CHAR16), String);
}

UnicodeVSPrint(BufferToReturn + StrLen(BufferToReturn), (CharactersRequired+1) * sizeof(CHAR16), FormatString, Marker);
--
1.9.5.msysgit.0


------------------------------------------------------------------------------
Loading...