Discussion:
[edk2] [PATCH v2 0/2] MdePkg: Remove unsafe string functions
Hao Wu
2015-06-26 03:07:53 UTC
Permalink
Changes between PATCH v1:
1. Replace Buf = AllocateZeroPool (size) followed by Strcpy (Buf, Source)
with Buf = AllocateCopyPool (size, Source)
2. Replace unnecessary usage of StrnCpyS/CatS with StrCpyS/CatS
3. The CopyMem() usage in file DevicePathFromText.c for the first patch is
a mistake. It's been fixed in this patch.

Hao Wu (2):
MdePkg UefiDevicePathLib: Remove unsafe string functions
MdePkg UefiLib: Use safe string functions

MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c | 17 +++++++++++++----
MdePkg/Library/UefiLib/Console.c | 6 +++---
MdePkg/Library/UefiLib/UefiLibPrint.c | 8 ++------
3 files changed, 18 insertions(+), 13 deletions(-)
--
1.9.5.msysgit.0
Hao Wu
2015-06-26 03:07:54 UTC
Permalink
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <***@intel.com>
Reviewed-by: Liming Gao <***@intel.com>
Reviewed-by: Jaben Carsey <***@intel.com>
---
MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c | 17 +++++++++++++----
1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c b/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c
index d58f069..a05f42c 100644
--- a/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c
+++ b/MdePkg/Library/UefiDevicePathLib/DevicePathFromText.c
@@ -2596,7 +2596,16 @@ DevPathFromTextUsbWwid (
UsbWwid->VendorId = (UINT16) Strtoi (VIDStr);
UsbWwid->ProductId = (UINT16) Strtoi (PIDStr);
UsbWwid->InterfaceNumber = (UINT16) Strtoi (InterfaceNumStr);
- StrnCpy ((CHAR16 *) ((UINT8 *) UsbWwid + sizeof (USB_WWID_DEVICE_PATH)), SerialNumberStr, SerialNumberStrLen);
+
+ //
+ // There is no memory allocated in UsbWwid for the '\0' in SerialNumberStr.
+ // Therefore, the '\0' will not be copied.
+ //
+ CopyMem (
+ (UINT8 *) UsbWwid + sizeof (USB_WWID_DEVICE_PATH),
+ SerialNumberStr,
+ SerialNumberStrLen * sizeof (CHAR16)
+ );

return (EFI_DEVICE_PATH_PROTOCOL *) UsbWwid;
}
@@ -2759,8 +2768,8 @@ DevPathFromTextBluetooth (
if (TempNumBuffer == NULL) {
break;
}
- StrnCpy (TempNumBuffer, L"0x", TempBufferSize / sizeof (CHAR16));
- StrnCat (TempNumBuffer + StrLen (L"0x"), Walker, TempBufferSize / sizeof (CHAR16) - StrLen (L"0x") );
+ StrCpyS (TempNumBuffer, TempBufferSize / sizeof (CHAR16), L"0x");
+ StrCatS (TempNumBuffer, TempBufferSize / sizeof (CHAR16), Walker);
BluetoothDp->BD_ADDR.Address[Index] = (UINT8)Strtoi (TempNumBuffer);
FreePool (TempNumBuffer);
Index--;
@@ -2982,7 +2991,7 @@ DevPathFromTextFilePath (
(UINT16) (sizeof (FILEPATH_DEVICE_PATH) + StrLen (TextDeviceNode) * 2)
);

- StrCpy (File->PathName, TextDeviceNode);
+ StrCpyS (File->PathName, StrLen (TextDeviceNode) + 1, TextDeviceNode);

return (EFI_DEVICE_PATH_PROTOCOL *) File;
}
--
1.9.5.msysgit.0
Hao Wu
2015-06-26 03:07:55 UTC
Permalink
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <***@intel.com>
Reviewed-by: Liming Gao <***@intel.com>
Reviewed-by: Jaben Carsey <***@intel.com>
---
MdePkg/Library/UefiLib/Console.c | 6 +++---
MdePkg/Library/UefiLib/UefiLibPrint.c | 8 ++------
2 files changed, 5 insertions(+), 9 deletions(-)

diff --git a/MdePkg/Library/UefiLib/Console.c b/MdePkg/Library/UefiLib/Console.c
index 73f9915..ecaf425 100644
--- a/MdePkg/Library/UefiLib/Console.c
+++ b/MdePkg/Library/UefiLib/Console.c
@@ -1,7 +1,7 @@
/** @file
This module provide help function for displaying unicode string.

- Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -517,8 +517,8 @@ CreatePopUp (
UefiLibGetStringWidth (String, TRUE, MaxLength, &Length);
TmpString = AllocateZeroPool ((Length + 1) * sizeof (CHAR16));
ASSERT (TmpString != NULL);
- StrnCpy(TmpString, String, Length - 3);
- StrCat (TmpString, L"...");
+ StrnCpyS (TmpString, Length + 1, String, Length - 3);
+ StrCatS (TmpString, Length + 1, L"...");

ConOut->SetCursorPosition (ConOut, Column + 1, Row++);
ConOut->OutputString (ConOut, TmpString);
diff --git a/MdePkg/Library/UefiLib/UefiLibPrint.c b/MdePkg/Library/UefiLib/UefiLibPrint.c
index 1bf6d26..cc41eb0 100644
--- a/MdePkg/Library/UefiLib/UefiLibPrint.c
+++ b/MdePkg/Library/UefiLib/UefiLibPrint.c
@@ -2,7 +2,7 @@
Mde UEFI library API implementation.
Print to StdErr or ConOut defined in EFI_SYSTEM_TABLE

- Copyright (c) 2007 - 2012, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -754,16 +754,12 @@ CatVSPrint (
SizeRequired = sizeof(CHAR16) + (CharactersRequired * sizeof(CHAR16));
}

- BufferToReturn = AllocateZeroPool(SizeRequired);
+ BufferToReturn = AllocateCopyPool(SizeRequired, String);

if (BufferToReturn == NULL) {
return NULL;
}

- if (String != NULL) {
- StrCpy(BufferToReturn, String);
- }
-
UnicodeVSPrint(BufferToReturn + StrLen(BufferToReturn), (CharactersRequired+1) * sizeof(CHAR16), FormatString, Marker);

ASSERT(StrSize(BufferToReturn)==SizeRequired);
--
1.9.5.msysgit.0
Loading...