[edk2] [patch] MdeModulePkg:Replace unsafe string function with safe one.

Wed, 25 Nov 2015 23:03:19 -0800 

Cc: Liming Gao <[email protected]>
Cc: Eric Dong <[email protected]>
Cc: Qiu Shumin <[email protected]>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <[email protected]>
---
 MdeModulePkg/Library/FileExplorerLib/FileExplorer.c | 20 +++++++++++---------
 1 file changed, 11 insertions(+), 9 deletions(-)

diff --git a/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c 
b/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
index 4e25efc..012f446 100644
--- a/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
+++ b/MdeModulePkg/Library/FileExplorerLib/FileExplorer.c
@@ -606,29 +606,31 @@ LibAppendFileName (
   IN  CHAR16  *Str2
   )
 {
   UINTN   Size1;
   UINTN   Size2;
+  UINTN   MaxLen;
   CHAR16  *Str;
   CHAR16  *TmpStr;
   CHAR16  *Ptr;
   CHAR16  *LastSlash;
 
   Size1 = StrSize (Str1);
   Size2 = StrSize (Str2);
+  MaxLen = (Size1 + Size2 + sizeof (CHAR16))/ sizeof (CHAR16);
   Str   = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
   ASSERT (Str != NULL);
 
   TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16)); 
   ASSERT (TmpStr != NULL);
 
-  StrCat (Str, Str1);
+  StrCatS (Str, MaxLen, Str1);
   if (!((*Str == '\\') && (*(Str + 1) == 0))) {
-    StrCat (Str, L"\\");
+    StrCatS (Str, MaxLen, L"\\");
   }
 
-  StrCat (Str, Str2);
+  StrCatS (Str, MaxLen, Str2);
 
   Ptr       = Str;
   LastSlash = Str;
   while (*Ptr != 0) {
     if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '.' && *(Ptr + 3) 
== L'\\') {
@@ -637,27 +639,27 @@ LibAppendFileName (
       // DO NOT convert the .. if it is at the end of the string. This will
       // break the .. behavior in changing directories.
       //
 
       //
-      // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of 
two strings 
+      // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of 
two strings 
       // that overlap.
       //
-      StrCpy (TmpStr, Ptr + 3);
-      StrCpy (LastSlash, TmpStr);
+      StrCpyS (TmpStr, MaxLen, Ptr + 3);
+      StrCpyS (LastSlash, MaxLen - (UINTN) (LastSlash - Str), TmpStr);
       Ptr = LastSlash;
     } else if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '\\') {
       //
       // Convert a "\.\" to a "\"
       //
 
       //
-      // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of 
two strings 
+      // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of 
two strings 
       // that overlap.
       //
-      StrCpy (TmpStr, Ptr + 2);
-      StrCpy (Ptr, TmpStr);
+      StrCpyS (TmpStr, MaxLen, Ptr + 2);
+      StrCpyS (Ptr, MaxLen - (UINTN) (Ptr - Str), TmpStr);
       Ptr = LastSlash;
     } else if (*Ptr == '\\') {
       LastSlash = Ptr;
     }
 
-- 
1.9.5.msysgit.1

_______________________________________________
edk2-devel mailing list
[email protected]
https://lists.01.org/mailman/listinfo/edk2-devel

Reply via email to