Revision: 15888
http://sourceforge.net/p/edk2/code/15888
Author: shenshushi
Date: 2014-08-25 08:04:52 +0000 (Mon, 25 Aug 2014)
Log Message:
-----------
Append the terminating null character at the end of the string to avoid buffer
overflow.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <[email protected]>
Reviewed-by: Fu Siyuan <[email protected]>
Modified Paths:
--------------
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.c
trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.h
trunk/edk2/NetworkPkg/Application/IpsecConfig/Indexer.c
trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcMtftp.c
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.c
===================================================================
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.c
2014-08-25 05:00:34 UTC (rev 15887)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.c
2014-08-25 08:04:52 UTC (rev 15888)
@@ -60,7 +60,8 @@
if (Packet->OpCode == EFI_MTFTP4_OPCODE_ERROR) {
Private->Mode.TftpErrorReceived = TRUE;
Private->Mode.TftpError.ErrorCode = (UINT8) Packet->Error.ErrorCode;
- AsciiStrnCpy (Private->Mode.TftpError.ErrorString, (CHAR8 *)
Packet->Error.ErrorMessage, 127);
+ AsciiStrnCpy (Private->Mode.TftpError.ErrorString, (CHAR8 *)
Packet->Error.ErrorMessage, PXE_MTFTP_ERROR_STRING_LENGTH);
+ Private->Mode.TftpError.ErrorString[PXE_MTFTP_ERROR_STRING_LENGTH - 1] =
'\0';
}
if (Callback != NULL) {
@@ -162,8 +163,9 @@
AsciiStrnCpy (
Private->Mode.TftpError.ErrorString,
(CHAR8 *) Packet->Error.ErrorMessage,
- 127
+ PXE_MTFTP_ERROR_STRING_LENGTH
);
+ Private->Mode.TftpError.ErrorString[PXE_MTFTP_ERROR_STRING_LENGTH - 1] =
'\0';
}
goto ON_ERROR;
}
Modified: trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.h
===================================================================
--- trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.h
2014-08-25 05:00:34 UTC (rev 15887)
+++ trunk/edk2/MdeModulePkg/Universal/Network/UefiPxeBcDxe/PxeBcMtftp.h
2014-08-25 08:04:52 UTC (rev 15888)
@@ -1,7 +1,7 @@
/** @file
Mtftp routines for PxeBc.
-Copyright (c) 2007 - 2009, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
@@ -21,7 +21,9 @@
#define PXE_MTFTP_OPTION_MULTICAST_INDEX 3
#define PXE_MTFTP_OPTION_MAXIMUM_INDEX 4
+#define PXE_MTFTP_ERROR_STRING_LENGTH 127
+
/**
This function is to get size of a file by Tftp.
Modified: trunk/edk2/NetworkPkg/Application/IpsecConfig/Indexer.c
===================================================================
--- trunk/edk2/NetworkPkg/Application/IpsecConfig/Indexer.c 2014-08-25
05:00:34 UTC (rev 15887)
+++ trunk/edk2/NetworkPkg/Application/IpsecConfig/Indexer.c 2014-08-25
08:04:52 UTC (rev 15888)
@@ -1,7 +1,7 @@
/** @file
The implementation of construct ENTRY_INDEXER in IpSecConfig application.
- Copyright (c) 2009 - 2010, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
@@ -234,6 +234,7 @@
}
Indexer->PadId.PeerIdValid = TRUE;
+ ZeroMem (Indexer->PadId.Id.PeerId, MAX_PEERID_LEN);
StrnCpy ((CHAR16 *) Indexer->PadId.Id.PeerId, ValueStr, ARRAY_SIZE
(Indexer->PadId.Id.PeerId) - 1);
}
}
Modified: trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcMtftp.c
===================================================================
--- trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcMtftp.c 2014-08-25 05:00:34 UTC
(rev 15887)
+++ trunk/edk2/NetworkPkg/UefiPxeBcDxe/PxeBcMtftp.c 2014-08-25 08:04:52 UTC
(rev 15888)
@@ -69,6 +69,7 @@
(CHAR8 *) Packet->Error.ErrorMessage,
PXE_MTFTP_ERROR_STRING_LENGTH
);
+ Private->Mode.TftpError.ErrorString[PXE_MTFTP_ERROR_STRING_LENGTH - 1] =
'\0';
}
if (Callback != NULL) {
@@ -182,6 +183,7 @@
(CHAR8 *) Packet->Error.ErrorMessage,
PXE_MTFTP_ERROR_STRING_LENGTH
);
+ Private->Mode.TftpError.ErrorString[PXE_MTFTP_ERROR_STRING_LENGTH - 1] =
'\0';
}
goto ON_ERROR;
}
@@ -511,6 +513,7 @@
(CHAR8 *) Packet->Error.ErrorMessage,
PXE_MTFTP_ERROR_STRING_LENGTH
);
+ Private->Mode.TftpError.ErrorString[PXE_MTFTP_ERROR_STRING_LENGTH - 1] =
'\0';
}
if (Callback != NULL) {
@@ -624,6 +627,7 @@
(CHAR8 *) Packet->Error.ErrorMessage,
PXE_MTFTP_ERROR_STRING_LENGTH
);
+ Private->Mode.TftpError.ErrorString[PXE_MTFTP_ERROR_STRING_LENGTH - 1] =
'\0';
}
goto ON_ERROR;
}
This was sent by the SourceForge.net collaborative development platform, the
world's largest Open Source development site.
------------------------------------------------------------------------------
Slashdot TV.
Video for Nerds. Stuff that matters.
http://tv.slashdot.org/
_______________________________________________
edk2-commits mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/edk2-commits
