Replace unsafe String functions with new added safe string functions Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan...@intel.com> --- MdeModulePkg/Library/UefiHiiLib/HiiLib.c | 25 +++++---- .../Universal/DisplayEngineDxe/FormDisplay.c | 32 +++++------ .../Universal/DisplayEngineDxe/InputHandler.c | 20 +++---- .../Universal/DisplayEngineDxe/ProcessOptions.c | 32 ++++++----- .../Universal/DriverSampleDxe/DriverSample.c | 10 ++-- .../HiiDatabaseDxe/ConfigKeywordHandler.c | 56 ++++++++++--------- .../Universal/HiiDatabaseDxe/ConfigRouting.c | 62 ++++++++++++---------- MdeModulePkg/Universal/HiiDatabaseDxe/Database.c | 6 +-- MdeModulePkg/Universal/HiiDatabaseDxe/Font.c | 20 ++++--- MdeModulePkg/Universal/HiiDatabaseDxe/String.c | 10 ++-- .../Universal/SetupBrowserDxe/Expression.c | 8 +-- MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c | 17 +++--- MdeModulePkg/Universal/SetupBrowserDxe/Setup.c | 60 ++++++++++++--------- 13 files changed, 202 insertions(+), 156 deletions(-)
diff --git a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c index 7ae5c4c..bee5e0d 100644 --- a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c +++ b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c @@ -1,9 +1,9 @@ /** @file HII Library implementation that uses DXE protocols and services. - Copyright (c) 2006 - 2013, Intel Corporation. All rights reserved.<BR> + Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -604,10 +604,11 @@ HiiConstructConfigHdr ( UINTN DevicePathSize; CHAR16 *String; CHAR16 *ReturnString; UINTN Index; UINT8 *Buffer; + UINTN MaxLen; // // Compute the length of Name in Unicode characters. // If Name is NULL, then the length is 0. // @@ -634,19 +635,21 @@ HiiConstructConfigHdr ( // // GUID=<HexCh>32&NAME=<Char>NameLength&PATH=<HexChar>DevicePathSize <Null> // | 5 | sizeof (EFI_GUID) * 2 | 6 | NameStrLen*4 | 6 | DevicePathSize * 2 | 1 | // - String = AllocateZeroPool ((5 + sizeof (EFI_GUID) * 2 + 6 + NameLength * 4 + 6 + DevicePathSize * 2 + 1) * sizeof (CHAR16)); + MaxLen = 5 + sizeof (EFI_GUID) * 2 + 6 + NameLength * 4 + 6 + DevicePathSize * 2 + 1; + String = AllocateZeroPool (MaxLen * sizeof (CHAR16)); if (String == NULL) { return NULL; } // // Start with L"GUID=" // - ReturnString = StrCpy (String, L"GUID="); + StrCpyS (String, MaxLen, L"GUID="); + ReturnString = String; String += StrLen (String); if (Guid != NULL) { // // Append Guid converted to <HexCh>32 @@ -657,11 +660,11 @@ HiiConstructConfigHdr ( } // // Append L"&NAME=" // - StrCpy (String, L"&NAME="); + StrCpyS (String, MaxLen, L"&NAME="); String += StrLen (String); if (Name != NULL) { // // Append Name converted to <Char>NameLength @@ -672,11 +675,11 @@ HiiConstructConfigHdr ( } // // Append L"&PATH=" // - StrCpy (String, L"&PATH="); + StrCpyS (String, MaxLen, L"&PATH="); String += StrLen (String); // // Append the device path associated with DriverHandle converted to <HexChar>DevicePathSize // @@ -784,11 +787,11 @@ InternalHiiGetBufferFromString ( // Convert character one by one // StringPtr = (CHAR16 *) DataBuffer; ZeroMem (TemStr, sizeof (TemStr)); for (Index = 0; Index < Length; Index += 4) { - StrnCpy (TemStr, ConfigHdr + Index, 4); + StrnCpyS (TemStr, sizeof (TemStr) / sizeof (CHAR16), ConfigHdr + Index, 4); StringPtr[Index/4] = (CHAR16) StrHexToUint64 (TemStr); } // // Add tailing L'\0' character // @@ -2009,10 +2012,11 @@ InternalHiiIfrValueAction ( EFI_GUID *VarGuid; EFI_STRING VarName; EFI_HII_PACKAGE_LIST_HEADER *HiiPackageList; UINTN PackageListLength; + UINTN MaxLen; EFI_DEVICE_PATH_PROTOCOL *DevicePath; EFI_DEVICE_PATH_PROTOCOL *TempDevicePath; ConfigAltResp = NULL; ConfigResp = NULL; @@ -2264,18 +2268,19 @@ NextConfigAltResp: // // Construct ConfigAltHdr string "&<ConfigHdr>&ALTCFG=\0" // | 1 | StrLen (ConfigHdr) | 8 | 1 | // - ConfigAltHdr = AllocateZeroPool ((1 + StringPtr - StringHdr + 8 + 1) * sizeof (CHAR16)); + MaxLen = 1 + StringPtr - StringHdr + 8 + 1; + ConfigAltHdr = AllocateZeroPool ( MaxLen * sizeof (CHAR16)); if (ConfigAltHdr == NULL) { Status = EFI_OUT_OF_RESOURCES; goto Done; } - StrCpy (ConfigAltHdr, L"&"); - StrnCat (ConfigAltHdr, StringHdr, StringPtr - StringHdr); - StrCat (ConfigAltHdr, L"&ALTCFG="); + StrCpyS (ConfigAltHdr, MaxLen, L"&"); + StrnCatS (ConfigAltHdr, MaxLen, StringHdr, StringPtr - StringHdr); + StrCatS (ConfigAltHdr, MaxLen, L"&ALTCFG="); // // Skip all AltResp (AltConfigHdr ConfigBody) for the same ConfigHdr // while ((StringHdr = StrStr (StringPtr, ConfigAltHdr)) != NULL) { diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c index e198a5e..0e70a9e 100644 --- a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c +++ b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c @@ -2147,10 +2147,11 @@ FxConfirmPopup ( CHAR16 *CfmStr; UINTN CfmStrLen; UINT32 CheckFlags; BOOLEAN RetVal; UINTN CatLen; + UINTN MaxLen; CfmStrLen = 0; CatLen = StrLen (gConfirmMsgConnect); // @@ -2207,54 +2208,55 @@ FxConfirmPopup ( // // Allocate buffer to save the string. // String + "?" + "\0" // - CfmStr = AllocateZeroPool ((CfmStrLen + 1 + 1) * sizeof (CHAR16)); + MaxLen = CfmStrLen + 1 + 1; + CfmStr = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (CfmStr != NULL); if ((Action & BROWSER_ACTION_DISCARD) == BROWSER_ACTION_DISCARD) { - StrCpy (CfmStr, gConfirmDiscardMsg); + StrCpyS (CfmStr, MaxLen, gConfirmDiscardMsg); } if ((Action & BROWSER_ACTION_DEFAULT) == BROWSER_ACTION_DEFAULT) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmDefaultMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmDefaultMsg2nd); } else { - StrCpy (CfmStr, gConfirmDefaultMsg); + StrCpyS (CfmStr, MaxLen, gConfirmDefaultMsg); } } if ((Action & BROWSER_ACTION_SUBMIT) == BROWSER_ACTION_SUBMIT) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmSubmitMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmSubmitMsg2nd); } else { - StrCpy (CfmStr, gConfirmSubmitMsg); + StrCpyS (CfmStr, MaxLen, gConfirmSubmitMsg); } } if ((Action & BROWSER_ACTION_RESET) == BROWSER_ACTION_RESET) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmResetMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmResetMsg2nd); } else { - StrCpy (CfmStr, gConfirmResetMsg); + StrCpyS (CfmStr, MaxLen, gConfirmResetMsg); } } if ((Action & BROWSER_ACTION_EXIT) == BROWSER_ACTION_EXIT) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmExitMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmExitMsg2nd); } else { - StrCpy (CfmStr, gConfirmExitMsg); + StrCpyS (CfmStr, MaxLen, gConfirmExitMsg); } } - StrCat (CfmStr, gConfirmMsgEnd); + StrCatS (CfmStr, MaxLen, gConfirmMsgEnd); do { CreateDialog (&Key, gEmptyString, CfmStr, gConfirmOpt, gEmptyString, NULL); } while (((Key.UnicodeChar | UPPER_LOWER_CASE_OFFSET) != (gConfirmOptYes[0] | UPPER_LOWER_CASE_OFFSET)) && ((Key.UnicodeChar | UPPER_LOWER_CASE_OFFSET) != (gConfirmOptNo[0] | UPPER_LOWER_CASE_OFFSET))); diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c b/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c index a0b87ff..bbbbdaa 100644 --- a/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c +++ b/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c @@ -1,9 +1,9 @@ /** @file Implementation for handling user input from the User Interfaces. -Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -82,10 +82,11 @@ ReadString ( BOOLEAN CursorVisible; UINTN Minimum; UINTN Maximum; FORM_DISPLAY_ENGINE_STATEMENT *Question; BOOLEAN IsPassword; + UINTN MaxLen; DimensionsWidth = gStatementDimensions.RightColumn - gStatementDimensions.LeftColumn; DimensionsHeight = gStatementDimensions.BottomRow - gStatementDimensions.TopRow; NullCharacter = CHAR_NULL; @@ -100,11 +101,12 @@ ReadString ( IsPassword = TRUE; } else { IsPassword = FALSE; } - TempString = AllocateZeroPool ((Maximum + 1)* sizeof (CHAR16)); + MaxLen = Maximum + 1; + TempString = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (TempString); if (ScreenSize < (Maximum + 1)) { ScreenSize = Maximum + 1; } @@ -242,35 +244,35 @@ ReadString ( TempString[Index] = CHAR_NULL; } // // Effectively truncate string by 1 character // - StrCpy (StringPtr, TempString); + StrCpyS (StringPtr, MaxLen, TempString); CurrentCursor --; } default: // // If it is the beginning of the string, don't worry about checking maximum limits // if ((StringPtr[0] == CHAR_NULL) && (Key.UnicodeChar != CHAR_BACKSPACE)) { - StrnCpy (StringPtr, &Key.UnicodeChar, 1); + StrnCpyS (StringPtr, MaxLen, &Key.UnicodeChar, 1); CurrentCursor++; } else if ((GetStringWidth (StringPtr) < ((Maximum + 1) * sizeof (CHAR16))) && (Key.UnicodeChar != CHAR_BACKSPACE)) { KeyPad[0] = Key.UnicodeChar; KeyPad[1] = CHAR_NULL; Count = GetStringWidth (StringPtr) / 2 - 1; if (CurrentCursor < Count) { for (Index = 0; Index < CurrentCursor; Index++) { TempString[Index] = StringPtr[Index]; } TempString[Index] = CHAR_NULL; - StrCat (TempString, KeyPad); - StrCat (TempString, StringPtr + CurrentCursor); - StrCpy (StringPtr, TempString); + StrCatS (TempString, MaxLen, KeyPad); + StrCatS (TempString, MaxLen, StringPtr + CurrentCursor); + StrCpyS (StringPtr, MaxLen, TempString); } else { - StrCat (StringPtr, KeyPad); + StrCatS (StringPtr, MaxLen, KeyPad); } CurrentCursor++; } // @@ -1445,11 +1447,11 @@ GetSelectionInputPopUp ( TempStringPtr = AllocateZeroPool (sizeof (CHAR16) * (PopUpWidth - 1)); ASSERT ( TempStringPtr != NULL ); CopyMem (TempStringPtr, StringPtr, (sizeof (CHAR16) * (PopUpWidth - 5))); FreePool (StringPtr); StringPtr = TempStringPtr; - StrCat (StringPtr, L"..."); + StrCatS (StringPtr, PopUpWidth - 1, L"..."); } if (Index == HighlightOptionIndex) { // // Highlight the selected one diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c b/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c index 84ae03e..926d18b 100644 --- a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c +++ b/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c @@ -1,10 +1,10 @@ /** @file Implementation for handling the User Interface option processing. -Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -26,10 +26,11 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. **/ VOID NewStrCat ( IN OUT CHAR16 *Destination, + IN UINTN DestMax, IN CHAR16 *Source ) { UINTN Length; @@ -43,11 +44,11 @@ NewStrCat ( // If this assumption changes, we need to make this routine a bit more complex // Destination[Length] = NARROW_CHAR; Length++; - StrCpy (Destination + Length, Source); + StrCpyS (Destination + Length, DestMax - Length, Source); } /** Get UINT64 type value. @@ -955,10 +956,11 @@ ProcessOptions ( UINTN Index2; UINT8 *ValueArray; UINT8 ValueType; EFI_IFR_ORDERED_LIST *OrderList; BOOLEAN ValueInvalid; + UINTN MaxLen; Status = EFI_SUCCESS; StringPtr = NULL; Character[1] = L'\0'; @@ -997,11 +999,12 @@ ProcessOptions ( } else { // // We now know how many strings we will have, so we can allocate the // space required for the array or strings. // - *OptionString = AllocateZeroPool (OrderList->MaxContainers * BufferSize); + MaxLen = OrderList->MaxContainers * BufferSize / sizeof (CHAR16); + *OptionString = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (*OptionString); HiiValue.Type = ValueType; HiiValue.Value.u64 = 0; for (Index = 0; Index < OrderList->MaxContainers; Index++) { @@ -1055,18 +1058,18 @@ ProcessOptions ( *OptionString = NULL; return EFI_NOT_FOUND; } Character[0] = LEFT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); StringPtr = GetToken (OneOfOption->OptionOpCode->Option, gFormData->HiiHandle); ASSERT (StringPtr != NULL); - NewStrCat (OptionString[0], StringPtr); + NewStrCat (OptionString[0], MaxLen, StringPtr); Character[0] = RIGHT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); Character[0] = CHAR_CARRIAGE_RETURN; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); FreePool (StringPtr); } // // If valid option more than the max container, skip these options. @@ -1090,18 +1093,18 @@ ProcessOptions ( if (SkipErrorValue) { // // Not report error, just get the correct option string info. // Character[0] = LEFT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); StringPtr = GetToken (OneOfOption->OptionOpCode->Option, gFormData->HiiHandle); ASSERT (StringPtr != NULL); - NewStrCat (OptionString[0], StringPtr); + NewStrCat (OptionString[0], MaxLen, StringPtr); Character[0] = RIGHT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); Character[0] = CHAR_CARRIAGE_RETURN; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); FreePool (StringPtr); continue; } @@ -1149,10 +1152,11 @@ ProcessOptions ( // // Go ask for input // Status = GetSelectionInputPopUp (MenuOption); } else { + MaxLen = BufferSize / sizeof(CHAR16); *OptionString = AllocateZeroPool (BufferSize); ASSERT (*OptionString); OneOfOption = ValueToOption (Question, QuestionValue); if (OneOfOption == NULL) { @@ -1202,16 +1206,16 @@ ProcessOptions ( return EFI_NOT_FOUND; } } Character[0] = LEFT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); StringPtr = GetToken (OneOfOption->OptionOpCode->Option, gFormData->HiiHandle); ASSERT (StringPtr != NULL); - NewStrCat (OptionString[0], StringPtr); + NewStrCat (OptionString[0], MaxLen, StringPtr); Character[0] = RIGHT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); FreePool (StringPtr); } break; diff --git a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c index 22b6b26..a21f58a 100644 --- a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c +++ b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c @@ -328,11 +328,11 @@ ValidatePassword ( // // Validate old password // EncodedPassword = AllocateZeroPool (PasswordMaxSize); ASSERT (EncodedPassword != NULL); - StrnCpy (EncodedPassword, Password, StrLen (Password)); + StrnCpyS (EncodedPassword, PasswordMaxSize / sizeof (CHAR16), Password, StrLen (Password)); EncodePassword (EncodedPassword, StrLen (EncodedPassword) * sizeof (CHAR16)); if (CompareMem (EncodedPassword, PrivateData->Configuration.WhatIsThePassword2, PasswordMaxSize) != 0) { // // Old password mismatch, return EFI_NOT_READY to prompt for error message // @@ -398,11 +398,11 @@ SetPassword ( } if (StrSize (TempPassword) > PasswordSize) { FreePool (TempPassword); return EFI_NOT_READY; } - StrnCpy (Password, TempPassword, StrLen (TempPassword)); + StrnCpyS (Password, PasswordSize / sizeof (CHAR16), TempPassword, StrLen (TempPassword)); FreePool (TempPassword); // // Retrive uncommitted data from Browser // @@ -599,11 +599,11 @@ CreateAltCfgString ( return NULL; } TmpStr = StringPtr; if (Result != NULL) { - StrCpy (StringPtr, Result); + StrCpyS (StringPtr, NewLen / sizeof (CHAR16), Result); StringPtr += StrLen (Result); FreePool (Result); } UnicodeSPrint ( @@ -906,11 +906,11 @@ ExtractConfig ( 1 + sizeof (PrivateData->Configuration.NameValueVar0) * 2 + 1 + sizeof (PrivateData->Configuration.NameValueVar1) * 2 + 1 + sizeof (PrivateData->Configuration.NameValueVar2) * 2 + 1) * sizeof (CHAR16); *Results = AllocateZeroPool (BufferSize); ASSERT (*Results != NULL); - StrCpy (*Results, ConfigRequest); + StrCpyS (*Results, BufferSize / sizeof (CHAR16), ConfigRequest); Value = *Results; // // Append value of NameValueVar0, type is UINT8 // @@ -1182,11 +1182,11 @@ RouteConfig ( // Convert Config String to Unicode String, e.g "0041004200430044" => "ABCD" // StrBuffer = (CHAR16 *) PrivateData->Configuration.NameValueVar2; ZeroMem (TemStr, sizeof (TemStr)); while (Value < StrPtr) { - StrnCpy (TemStr, Value, 4); + StrnCpyS (TemStr, sizeof (TemStr) / sizeof (CHAR16), Value, 4); *(StrBuffer++) = (CHAR16) StrHexToUint64 (TemStr); Value += 4; } *StrBuffer = L'\0'; } diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigKeywordHandler.c b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigKeywordHandler.c index 2f04411..529e90f 100644 --- a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigKeywordHandler.c +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigKeywordHandler.c @@ -1668,10 +1668,11 @@ ConstructConfigHdr ( UINTN Index; UINT8 *Buffer; CHAR16 *Name; CHAR8 *AsciiName; EFI_GUID *Guid; + UINTN MaxLen; ASSERT (OpCodeData != NULL); switch (((EFI_IFR_OP_HEADER *)OpCodeData)->OpCode) { case EFI_IFR_VARSTORE_OP: @@ -1731,19 +1732,21 @@ ConstructConfigHdr ( // // GUID=<HexCh>32&NAME=<Char>NameLength&PATH=<HexChar>DevicePathSize <Null> // | 5 | sizeof (EFI_GUID) * 2 | 6 | NameStrLen*4 | 6 | DevicePathSize * 2 | 1 | // - String = AllocateZeroPool ((5 + sizeof (EFI_GUID) * 2 + 6 + NameLength * 4 + 6 + DevicePathSize * 2 + 1) * sizeof (CHAR16)); + MaxLen = 5 + sizeof (EFI_GUID) * 2 + 6 + NameLength * 4 + 6 + DevicePathSize * 2 + 1; + String = AllocateZeroPool (MaxLen * sizeof (CHAR16)); if (String == NULL) { return NULL; } // // Start with L"GUID=" // - ReturnString = StrCpy (String, L"GUID="); + StrCpyS (String, MaxLen, L"GUID="); + ReturnString = String; String += StrLen (String); if (Guid != NULL) { // // Append Guid converted to <HexCh>32 @@ -1754,11 +1757,11 @@ ConstructConfigHdr ( } // // Append L"&NAME=" // - StrCpy (String, L"&NAME="); + StrCpyS (String, MaxLen, L"&NAME="); String += StrLen (String); if (Name != NULL) { // // Append Name converted to <Char>NameLength @@ -1769,11 +1772,11 @@ ConstructConfigHdr ( } // // Append L"&PATH=" // - StrCpy (String, L"&PATH="); + StrCpyS (String, MaxLen, L"&PATH="); String += StrLen (String); // // Append the device path associated with DriverHandle converted to <HexChar>DevicePathSize // @@ -1989,11 +1992,11 @@ ExtractConfigRequest ( CHAR16 *Name; UINT16 Offset; UINT16 Width; CHAR16 *ConfigHdr; CHAR16 *RequestElement; - UINTN Length; + UINTN MaxLen; CHAR16 *StringPtr; ASSERT (DatabaseRecord != NULL && OpCodeData != NULL && ConfigRequest != NULL); OpCode = NULL; @@ -2030,26 +2033,26 @@ ExtractConfigRequest ( } RequestElement = ConstructRequestElement(Name, Offset, Width); ConfigHdr = ConstructConfigHdr(Storage, DatabaseRecord->DriverHandle); ASSERT (ConfigHdr != NULL); - Length = (StrLen (ConfigHdr) + 1 + StrLen(RequestElement) + 1) * sizeof (CHAR16); - *ConfigRequest = AllocatePool (Length); + MaxLen = StrLen (ConfigHdr) + 1 + StrLen(RequestElement) + 1; + *ConfigRequest = AllocatePool (MaxLen * sizeof (CHAR16)); if (*ConfigRequest == NULL) { FreePool (ConfigHdr); FreePool (RequestElement); return EFI_OUT_OF_RESOURCES; } StringPtr = *ConfigRequest; - StrCpy (StringPtr, ConfigHdr); + StrCpyS (StringPtr, MaxLen, ConfigHdr); StringPtr += StrLen (StringPtr); *StringPtr = L'&'; StringPtr++; - StrCpy (StringPtr, RequestElement); + StrCpyS (StringPtr, MaxLen, RequestElement); StringPtr += StrLen (StringPtr); *StringPtr = L'\0'; FreePool (ConfigHdr); FreePool (RequestElement); @@ -2096,11 +2099,11 @@ ExtractConfigResp ( CHAR16 *Name; UINT16 Offset; UINT16 Width; CHAR16 *ConfigHdr; CHAR16 *RequestElement; - UINTN Length; + UINTN MaxLen; CHAR16 *StringPtr; ASSERT ((DatabaseRecord != NULL) && (OpCodeData != NULL) && (ConfigResp != NULL) && (ValueElement != NULL)); OpCode = NULL; @@ -2138,35 +2141,35 @@ ExtractConfigResp ( RequestElement = ConstructRequestElement(Name, Offset, Width); ConfigHdr = ConstructConfigHdr(Storage, DatabaseRecord->DriverHandle); ASSERT (ConfigHdr != NULL); - Length = (StrLen (ConfigHdr) + 1 + StrLen(RequestElement) + 1 + StrLen (L"VALUE=") + StrLen(ValueElement) + 1) * sizeof (CHAR16); - *ConfigResp = AllocatePool (Length); + MaxLen = StrLen (ConfigHdr) + 1 + StrLen(RequestElement) + 1 + StrLen (L"VALUE=") + StrLen(ValueElement) + 1; + *ConfigResp = AllocatePool (MaxLen * sizeof (CHAR16)); if (*ConfigResp == NULL) { FreePool (ConfigHdr); FreePool (RequestElement); return EFI_OUT_OF_RESOURCES; } StringPtr = *ConfigResp; - StrCpy (StringPtr, ConfigHdr); + StrCpyS (StringPtr, MaxLen, ConfigHdr); StringPtr += StrLen (StringPtr); *StringPtr = L'&'; StringPtr++; - StrCpy (StringPtr, RequestElement); + StrCpyS (StringPtr, MaxLen, RequestElement); StringPtr += StrLen (StringPtr); *StringPtr = L'&'; StringPtr++; - StrCpy (StringPtr, L"VALUE="); + StrCpyS (StringPtr, MaxLen, L"VALUE="); StringPtr += StrLen (StringPtr); - StrCpy (StringPtr, ValueElement); + StrCpyS (StringPtr, MaxLen, ValueElement); StringPtr += StrLen (StringPtr); *StringPtr = L'\0'; FreePool (ConfigHdr); FreePool (RequestElement); @@ -2431,13 +2434,14 @@ GenerateKeywordResp ( if (ReadOnly) { RespStrLen += 9; } // - // 2. Allocate the buffer and create the KeywordResp string. + // 2. Allocate the buffer and create the KeywordResp string include '\0'. // - *KeywordResp = AllocatePool ((RespStrLen + 1) * sizeof (CHAR16)); + RespStrLen += 1; + *KeywordResp = AllocatePool (RespStrLen * sizeof (CHAR16)); if (*KeywordResp == NULL) { if (UnicodeNameSpace != NULL) { FreePool (UnicodeNameSpace); } @@ -2446,40 +2450,40 @@ GenerateKeywordResp ( RespStr = *KeywordResp; // // 2.1 Copy NameSpaceId section. // - StrCpy (RespStr, L"NAMESPACE="); + StrCpyS (RespStr, RespStrLen, L"NAMESPACE="); RespStr += StrLen (RespStr); - StrCpy (RespStr, UnicodeNameSpace); + StrCpyS (RespStr, RespStrLen, UnicodeNameSpace); RespStr += StrLen (RespStr); // // 2.2 Copy PathHdr section. // - StrCpy (RespStr, PathHdr); + StrCpyS (RespStr, RespStrLen, PathHdr); RespStr += StrLen (RespStr); // // 2.3 Copy Keyword section. // - StrCpy (RespStr, L"KEYWORD="); + StrCpyS (RespStr, RespStrLen, L"KEYWORD="); RespStr += StrLen (RespStr); - StrCpy (RespStr, KeywordData); + StrCpyS (RespStr, RespStrLen, KeywordData); RespStr += StrLen (RespStr); // // 2.4 Copy the Value section. // - StrCpy (RespStr, ValueStr); + StrCpyS (RespStr, RespStrLen, ValueStr); RespStr += StrLen (RespStr); // // 2.5 Copy ReadOnly section if exist. // if (ReadOnly) { - StrCpy (RespStr, L"&READONLY"); + StrCpyS (RespStr, RespStrLen, L"&READONLY"); RespStr += StrLen (RespStr); } // // 2.6 Add the end. @@ -2536,11 +2540,11 @@ MergeToMultiKeywordResp ( StringPtr += StrLen (StringPtr); *StringPtr = L'&'; StringPtr++; - StrCpy (StringPtr, *KeywordResp); + StrCpyS (StringPtr, MultiKeywordRespLen / sizeof (CHAR16), *KeywordResp); return EFI_SUCCESS; } /** diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c index 4caf361..5686883 100644 --- a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c @@ -1,9 +1,9 @@ /** @file Implementation of interfaces function for EFI_HII_CONFIG_ROUTING_PROTOCOL. -Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -250,12 +250,11 @@ GenerateSubStr ( // Length = StrLen (String) + BufferLen * 2 + 1 + 1; Str = AllocateZeroPool (Length * sizeof (CHAR16)); ASSERT (Str != NULL); - StrCpy (Str, String); - Length = (BufferLen * 2 + 1) * sizeof (CHAR16); + StrCpyS (Str, Length, String); StringHeader = Str + StrLen (String); TemString = (CHAR16 *) StringHeader; switch (Flag) { @@ -295,11 +294,11 @@ GenerateSubStr ( } // // Convert the uppercase to lowercase since <HexAf> is defined in lowercase format. // - StrCat (Str, L"&"); + StrCatS (Str, Length, L"&"); HiiToLower (Str); *SubStr = Str; } @@ -390,17 +389,19 @@ AppendToMultiString ( IN EFI_STRING AppendString ) { UINTN AppendStringSize; UINTN MultiStringSize; + UINTN MaxLen; if (MultiString == NULL || *MultiString == NULL || AppendString == NULL) { return EFI_INVALID_PARAMETER; } AppendStringSize = StrSize (AppendString); MultiStringSize = StrSize (*MultiString); + MaxLen = MAX_STRING_LENGTH / sizeof (CHAR16); // // Enlarge the buffer each time when length exceeds MAX_STRING_LENGTH. // if (MultiStringSize + AppendStringSize > MAX_STRING_LENGTH || @@ -408,16 +409,17 @@ AppendToMultiString ( *MultiString = (EFI_STRING) ReallocatePool ( MultiStringSize, MultiStringSize + AppendStringSize, (VOID *) (*MultiString) ); + MaxLen = (MultiStringSize + AppendStringSize) / sizeof (CHAR16); ASSERT (*MultiString != NULL); } // // Append the incoming string // - StrCat (*MultiString, AppendString); + StrCatS (*MultiString, MaxLen, AppendString); return EFI_SUCCESS; } @@ -534,10 +536,12 @@ MergeDefaultString ( CHAR16 TempChar; EFI_STRING StringPtr; EFI_STRING AltConfigHdr; UINTN HeaderLength; UINTN SizeAltCfgResp; + UINTN MaxLen; + UINTN TotalSize; if (*AltCfgResp == NULL) { return EFI_INVALID_PARAMETER; } @@ -570,61 +574,63 @@ MergeDefaultString ( // // Construct AltConfigHdr string "&<ConfigHdr>&ALTCFG=XXXX\0" // |1| StrLen (ConfigHdr) | 8 | 4 | 1 | // - AltConfigHdr = AllocateZeroPool ((1 + HeaderLength + 8 + 4 + 1) * sizeof (CHAR16)); + MaxLen = 1 + HeaderLength + 8 + 4 + 1; + AltConfigHdr = AllocateZeroPool (MaxLen * sizeof (CHAR16)); if (AltConfigHdr == NULL) { return EFI_OUT_OF_RESOURCES; } - StrCpy (AltConfigHdr, L"&"); - StrnCat (AltConfigHdr, *AltCfgResp, HeaderLength); - StrCat (AltConfigHdr, L"&ALTCFG="); + StrCpyS (AltConfigHdr, MaxLen, L"&"); + StrnCatS (AltConfigHdr, MaxLen, *AltCfgResp, HeaderLength); + StrCatS (AltConfigHdr, MaxLen, L"&ALTCFG="); HeaderLength = StrLen (AltConfigHdr); StringPtrDefault = StrStr (DefaultAltCfgResp, AltConfigHdr); while (StringPtrDefault != NULL) { // // Get AltCfg Name // - StrnCat (AltConfigHdr, StringPtrDefault + HeaderLength, 4); + StrnCatS (AltConfigHdr, MaxLen, StringPtrDefault + HeaderLength, 4); StringPtr = StrStr (*AltCfgResp, AltConfigHdr); // // Append the found default value string to the input AltCfgResp // if (StringPtr == NULL) { StringPtrEnd = StrStr (StringPtrDefault + 1, L"&GUID"); SizeAltCfgResp = StrSize (*AltCfgResp); + TotalSize = SizeAltCfgResp + StrSize (StringPtrDefault); if (StringPtrEnd == NULL) { // // No more default string is found. // *AltCfgResp = (EFI_STRING) ReallocatePool ( SizeAltCfgResp, - SizeAltCfgResp + StrSize (StringPtrDefault), + TotalSize, (VOID *) (*AltCfgResp) ); if (*AltCfgResp == NULL) { FreePool (AltConfigHdr); return EFI_OUT_OF_RESOURCES; } - StrCat (*AltCfgResp, StringPtrDefault); + StrCatS (*AltCfgResp, TotalSize / sizeof (CHAR16), StringPtrDefault); break; } else { TempChar = *StringPtrEnd; *StringPtrEnd = L'\0'; *AltCfgResp = (EFI_STRING) ReallocatePool ( SizeAltCfgResp, - SizeAltCfgResp + StrSize (StringPtrDefault), + TotalSize, (VOID *) (*AltCfgResp) ); if (*AltCfgResp == NULL) { FreePool (AltConfigHdr); return EFI_OUT_OF_RESOURCES; } - StrCat (*AltCfgResp, StringPtrDefault); + StrCatS (*AltCfgResp, TotalSize / sizeof (CHAR16), StringPtrDefault); *StringPtrEnd = TempChar; } } // @@ -1186,12 +1192,12 @@ GetVarStoreType ( FreePool (NameStr); FreePool (VarStoreName); Status = EFI_OUT_OF_RESOURCES; goto Done; } - StrCpy (TempStr, GuidStr); - StrCat (TempStr, NameStr); + StrCpyS (TempStr, LengthString, GuidStr); + StrCatS (TempStr, LengthString, NameStr); if (ConfigHdr == NULL || StrnCmp (ConfigHdr, TempStr, StrLen (TempStr)) == 0) { *EfiVarStore = (EFI_IFR_VARSTORE_EFI *) AllocateZeroPool (IfrOpHdr->Length); if (*EfiVarStore == NULL) { FreePool (VarStoreName); FreePool (GuidStr); @@ -1302,12 +1308,12 @@ IsThisVarstore ( TempStr = AllocateZeroPool (LengthString * sizeof (CHAR16)); if (TempStr == NULL) { goto Done; } - StrCpy (TempStr, GuidStr); - StrCat (TempStr, NameStr); + StrCpyS (TempStr, LengthString, GuidStr); + StrCatS (TempStr, LengthString, NameStr); if (ConfigHdr == NULL || StrnCmp (ConfigHdr, TempStr, StrLen (TempStr)) == 0) { RetVal = TRUE; } @@ -2664,11 +2670,11 @@ GenerateConfigRequest ( StringPtr = FullConfigRequest; // // Start with <ConfigHdr> // - StrCpy (StringPtr, ConfigHdr); + StrCpyS (StringPtr, Length, ConfigHdr); StringPtr += StrLen (StringPtr); // // Loop through all the Offset/Width pairs and append them to ConfigRequest // @@ -2763,16 +2769,16 @@ GenerateHdr ( *ConfigHdr = AllocateZeroPool (Length * sizeof (CHAR16)); if (*ConfigHdr == NULL) { Status = EFI_OUT_OF_RESOURCES; goto Done; } - StrCpy (*ConfigHdr, GuidStr); - StrCat (*ConfigHdr, NameStr); + StrCpyS (*ConfigHdr, Length, GuidStr); + StrCatS (*ConfigHdr, Length, NameStr); if (VarStorageData->Name == NULL) { - StrCat (*ConfigHdr, L"&"); + StrCatS (*ConfigHdr, Length, L"&"); } - StrCat (*ConfigHdr, PathStr); + StrCatS (*ConfigHdr, Length, PathStr); // // Remove the last character L'&' // *(*ConfigHdr + StrLen (*ConfigHdr) - 1) = L'\0'; @@ -2932,11 +2938,11 @@ GenerateAltConfigResp ( StringPtr = *DefaultAltCfgResp; // // Start with <ConfigHdr> // - StrCpy (StringPtr, ConfigHdr); + StrCpyS (StringPtr, Length, ConfigHdr); StringPtr += StrLen (StringPtr); for (Link = DefaultIdArray->Entry.ForwardLink; Link != &DefaultIdArray->Entry; Link = Link->ForwardLink) { DefaultId = BASE_CR (Link, IFR_DEFAULT_DATA, Entry); // @@ -4610,12 +4616,12 @@ HiiBlockToConfig ( CopyMem (ConfigElement, TmpPtr, (StringPtr - TmpPtr + 1) * sizeof (CHAR16)); if (*StringPtr == 0) { *(ConfigElement + (StringPtr - TmpPtr)) = L'&'; } *(ConfigElement + (StringPtr - TmpPtr) + 1) = 0; - StrCat (ConfigElement, L"VALUE="); - StrCat (ConfigElement, ValueStr); + StrCatS (ConfigElement, Length, L"VALUE="); + StrCatS (ConfigElement, Length, ValueStr); AppendToMultiString (Config, ConfigElement); FreePool (ConfigElement); FreePool (ValueStr); @@ -5128,12 +5134,12 @@ Exit: Length = HdrEnd - HdrStart + StrLen (Result) + 1; *AltCfgResp = AllocateZeroPool (Length * sizeof (CHAR16)); if (*AltCfgResp == NULL) { Status = EFI_OUT_OF_RESOURCES; } else { - StrnCpy (*AltCfgResp, HdrStart, HdrEnd - HdrStart); - StrCat (*AltCfgResp, Result); + StrnCpyS (*AltCfgResp, Length, HdrStart, HdrEnd - HdrStart); + StrCatS (*AltCfgResp, Length, Result); Status = EFI_SUCCESS; } } if (GuidStr != NULL) { diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/Database.c b/MdeModulePkg/Universal/HiiDatabaseDxe/Database.c index 70c0385..7ea2e72 100644 --- a/MdeModulePkg/Universal/HiiDatabaseDxe/Database.c +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/Database.c @@ -1,9 +1,9 @@ /** @file Implementation for EFI_HII_DATABASE_PROTOCOL. -Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -796,11 +796,11 @@ InsertStringPackage ( LanguageSize = HeaderSize - sizeof (EFI_HII_STRING_PACKAGE_HDR) + sizeof (CHAR8); Language = (CHAR8 *) AllocateZeroPool (LanguageSize); if (Language == NULL) { return EFI_OUT_OF_RESOURCES; } - AsciiStrCpy (Language, (CHAR8 *) PackageHdr + HeaderSize - LanguageSize); + AsciiStrCpyS (Language, LanguageSize / sizeof (CHAR8), (CHAR8 *) PackageHdr + HeaderSize - LanguageSize); for (Link = PackageList->StringPkgHdr.ForwardLink; Link != &PackageList->StringPkgHdr; Link = Link->ForwardLink) { StringPackage = CR (Link, HII_STRING_PACKAGE_INSTANCE, StringEntry, HII_STRING_PACKAGE_SIGNATURE); if (HiiCompareLanguage (Language, StringPackage->StringPkgHdr->Language)) { FreePool (Language); return EFI_UNSUPPORTED; @@ -1180,11 +1180,11 @@ InsertFontPackage ( Status = EFI_OUT_OF_RESOURCES; goto Error; } FontInfo->FontStyle = FontPkgHdr->FontStyle; FontInfo->FontSize = FontPkgHdr->Cell.Height; - StrCpy (FontInfo->FontName, FontPkgHdr->FontFamily); + StrCpyS (FontInfo->FontName, sizeof (FontInfo->FontName) / sizeof (CHAR16), FontPkgHdr->FontFamily); if (IsFontInfoExisted (Private, FontInfo, NULL, NULL, NULL)) { Status = EFI_UNSUPPORTED; goto Error; } diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c b/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c index 61e50c4..4b70b99 100644 --- a/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/Font.c @@ -1,10 +1,10 @@ /** @file Implementation for EFI_HII_FONT_PROTOCOL. -Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.<BR> +Copyright (c) 2007 - 2015, Intel Corporation. All rights reserved.<BR> This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at http://opensource.org/licenses/bsd-license.php @@ -931,20 +931,22 @@ SaveFontName ( IN EFI_STRING FontName, OUT EFI_FONT_INFO **FontInfo ) { UINTN FontInfoLen; + UINTN NameSize; ASSERT (FontName != NULL && FontInfo != NULL); - FontInfoLen = sizeof (EFI_FONT_INFO) - sizeof (CHAR16) + StrSize (FontName); + NameSize = StrSize (FontName); + FontInfoLen = sizeof (EFI_FONT_INFO) - sizeof (CHAR16) + NameSize; *FontInfo = (EFI_FONT_INFO *) AllocateZeroPool (FontInfoLen); if (*FontInfo == NULL) { return EFI_OUT_OF_RESOURCES; } - StrCpy ((*FontInfo)->FontName, FontName); + StrCpyS ((*FontInfo)->FontName, NameSize / sizeof (CHAR16), FontName); return EFI_SUCCESS; } /** @@ -969,10 +971,11 @@ GetSystemFont ( OUT UINTN *FontInfoSize OPTIONAL ) { EFI_FONT_DISPLAY_INFO *Info; UINTN InfoSize; + UINTN NameSize; if (Private == NULL || Private->Signature != HII_DATABASE_PRIVATE_DATA_SIGNATURE) { return EFI_INVALID_PARAMETER; } if (FontInfo == NULL) { @@ -980,22 +983,23 @@ GetSystemFont ( } // // The standard font always has the name "sysdefault". // - InfoSize = sizeof (EFI_FONT_DISPLAY_INFO) - sizeof (CHAR16) + StrSize (L"sysdefault"); + NameSize = StrSize (L"sysdefault"); + InfoSize = sizeof (EFI_FONT_DISPLAY_INFO) - sizeof (CHAR16) + NameSize; Info = (EFI_FONT_DISPLAY_INFO *) AllocateZeroPool (InfoSize); if (Info == NULL) { return EFI_OUT_OF_RESOURCES; } Info->ForegroundColor = mHiiEfiColors[Private->Attribute & 0x0f]; Info->BackgroundColor = mHiiEfiColors[Private->Attribute >> 4]; Info->FontInfoMask = EFI_FONT_INFO_SYS_FONT | EFI_FONT_INFO_SYS_SIZE | EFI_FONT_INFO_SYS_STYLE; Info->FontInfo.FontStyle = 0; Info->FontInfo.FontSize = EFI_GLYPH_HEIGHT; - StrCpy (Info->FontInfo.FontName, L"sysdefault"); + StrCpyS (Info->FontInfo.FontName, NameSize / sizeof (CHAR16), L"sysdefault"); *FontInfo = Info; if (FontInfoSize != NULL) { *FontInfoSize = InfoSize; } @@ -2308,10 +2312,11 @@ HiiStringIdToImage ( HII_DATABASE_PRIVATE_DATA *Private; EFI_HII_STRING_PROTOCOL *HiiString; EFI_STRING String; UINTN StringSize; UINTN FontLen; + UINTN NameSize; EFI_FONT_INFO *StringFontInfo; EFI_FONT_DISPLAY_INFO *NewStringInfo; CHAR8 TempSupportedLanguages; CHAR8 *SupportedLanguages; UINTN SupportedLanguagesSize; @@ -2430,20 +2435,21 @@ HiiStringIdToImage ( // When StringInfo specifies that string will be output in the system default font and color, // use particular stringfontinfo described in string package instead if exists. // StringFontInfo equals NULL means system default font attaches with the string block. // if (StringFontInfo != NULL && IsSystemFontInfo (Private, (EFI_FONT_DISPLAY_INFO *) StringInfo, NULL, NULL)) { - FontLen = sizeof (EFI_FONT_DISPLAY_INFO) - sizeof (CHAR16) + StrSize (StringFontInfo->FontName); + NameSize = StrSize (StringFontInfo->FontName); + FontLen = sizeof (EFI_FONT_DISPLAY_INFO) - sizeof (CHAR16) + NameSize; NewStringInfo = AllocateZeroPool (FontLen); if (NewStringInfo == NULL) { Status = EFI_OUT_OF_RESOURCES; goto Exit; } NewStringInfo->FontInfoMask = EFI_FONT_INFO_SYS_FORE_COLOR | EFI_FONT_INFO_SYS_BACK_COLOR; NewStringInfo->FontInfo.FontStyle = StringFontInfo->FontStyle; NewStringInfo->FontInfo.FontSize = StringFontInfo->FontSize; - StrCpy (NewStringInfo->FontInfo.FontName, StringFontInfo->FontName); + StrCpyS (NewStringInfo->FontInfo.FontName, NameSize / sizeof (CHAR16), StringFontInfo->FontName); Status = HiiStringToImage ( This, Flags, String, diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/String.c b/MdeModulePkg/Universal/HiiDatabaseDxe/String.c index 7698cc2..a832486 100644 --- a/MdeModulePkg/Universal/HiiDatabaseDxe/String.c +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/String.c @@ -1331,11 +1331,11 @@ HiiNewString ( StringPackage->StringPkgHdr->Header.Type = EFI_HII_PACKAGE_STRINGS; StringPackage->StringPkgHdr->HdrSize = HeaderSize; StringPackage->StringPkgHdr->StringInfoOffset = HeaderSize; CopyMem (StringPackage->StringPkgHdr->LanguageWindow, mLanguageWindow, 16 * sizeof (CHAR16)); StringPackage->StringPkgHdr->LanguageName = 1; - AsciiStrCpy (StringPackage->StringPkgHdr->Language, (CHAR8 *) Language); + AsciiStrCpyS (StringPackage->StringPkgHdr->Language, sizeof(StringPackage->StringPkgHdr->Language) / sizeof (CHAR8), (CHAR8 *) Language); // // Calculate the length of the string blocks, including string block to record // printable language full name and EFI_HII_SIBT_END_BLOCK. // @@ -1840,11 +1840,11 @@ HiiGetLanguages ( // continue; } ResultSize += AsciiStrSize (StringPackage->StringPkgHdr->Language); if (ResultSize <= *LanguagesSize) { - AsciiStrCpy (Languages, StringPackage->StringPkgHdr->Language); + AsciiStrCpyS (Languages, *LanguagesSize / sizeof (CHAR8), StringPackage->StringPkgHdr->Language); Languages += AsciiStrSize (StringPackage->StringPkgHdr->Language); *(Languages - 1) = L';'; } } if (ResultSize == 0) { @@ -1957,11 +1957,11 @@ HiiGetSecondaryLanguages ( } Languages++; ResultSize = AsciiStrSize (Languages); if (ResultSize <= *SecondaryLanguagesSize) { - AsciiStrCpy (SecondaryLanguages, Languages); + AsciiStrCpyS (SecondaryLanguages, *SecondaryLanguagesSize / sizeof (CHAR8), Languages); } else { *SecondaryLanguagesSize = ResultSize; return EFI_BUFFER_TOO_SMALL; } @@ -2022,17 +2022,17 @@ HiiCompareLanguage ( // Convert to lower to compare. // StrLen = AsciiStrSize (Language1); Lan1 = AllocateZeroPool (StrLen); ASSERT (Lan1 != NULL); - AsciiStrCpy(Lan1, Language1); + AsciiStrCpyS(Lan1, StrLen / sizeof (CHAR8), Language1); AsciiHiiToLower (Lan1); StrLen = AsciiStrSize (Language2); Lan2 = AllocateZeroPool (StrLen); ASSERT (Lan2 != NULL); - AsciiStrCpy(Lan2, Language2); + AsciiStrCpyS(Lan2, StrLen / sizeof (CHAR8), Language2); AsciiHiiToLower (Lan2); // // Compare the Primary Language in Language1 to Language2 // diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c b/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c index f1a65b2..688a1d6 100644 --- a/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c +++ b/MdeModulePkg/Universal/SetupBrowserDxe/Expression.c @@ -1322,10 +1322,11 @@ IfrCatenate ( CHAR16 *StringPtr; UINTN Size; UINT16 Length0; UINT16 Length1; UINT8 *TmpBuf; + UINTN MaxLen; // // String[0] - The second string // String[1] - The first string // @@ -1361,14 +1362,15 @@ IfrCatenate ( } } if (Value[0].Type == EFI_IFR_TYPE_STRING) { Size = StrSize (String[0]); - StringPtr= AllocatePool (StrSize (String[1]) + Size); + MaxLen = (StrSize (String[1]) + Size) / sizeof (CHAR16); + StringPtr= AllocatePool (MaxLen * sizeof (CHAR16)); ASSERT (StringPtr != NULL); - StrCpy (StringPtr, String[1]); - StrCat (StringPtr, String[0]); + StrCpyS (StringPtr, MaxLen, String[1]); + StrCatS (StringPtr, MaxLen, String[0]); Result->Type = EFI_IFR_TYPE_STRING; Result->Value.string = NewString (StringPtr, FormSet->HiiHandle); } else { Result->Type = EFI_IFR_TYPE_BUFFER; diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c b/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c index 4540560..953e3a5 100644 --- a/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c +++ b/MdeModulePkg/Universal/SetupBrowserDxe/IfrParse.c @@ -686,10 +686,11 @@ InitializeRequestElement ( CHAR16 *NewStr; CHAR16 RequestElement[30]; LIST_ENTRY *Link; BOOLEAN Find; FORM_BROWSER_CONFIG_REQUEST *ConfigInfo; + UINTN MaxLen; Storage = Question->Storage; if (Storage == NULL) { return EFI_INVALID_PARAMETER; } @@ -730,30 +731,32 @@ InitializeRequestElement ( // // Find Formset Storage for this Question // FormsetStorage = GetFstStgFromVarId(FormSet, Question->VarStoreId); ASSERT (FormsetStorage != NULL); + StringSize = (FormsetStorage->ConfigRequest != NULL) ? StrSize (FormsetStorage->ConfigRequest) : sizeof (CHAR16); + MaxLen = StringSize / sizeof (CHAR16) + FormsetStorage->SpareStrLen; // // Append <RequestElement> to <ConfigRequest> // if (StrLen > FormsetStorage->SpareStrLen) { // // Old String buffer is not sufficient for RequestElement, allocate a new one // - StringSize = (FormsetStorage->ConfigRequest != NULL) ? StrSize (FormsetStorage->ConfigRequest) : sizeof (CHAR16); - NewStr = AllocateZeroPool (StringSize + CONFIG_REQUEST_STRING_INCREMENTAL * sizeof (CHAR16)); + MaxLen = StringSize / sizeof (CHAR16) + CONFIG_REQUEST_STRING_INCREMENTAL; + NewStr = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (NewStr != NULL); if (FormsetStorage->ConfigRequest != NULL) { CopyMem (NewStr, FormsetStorage->ConfigRequest, StringSize); FreePool (FormsetStorage->ConfigRequest); } FormsetStorage->ConfigRequest = NewStr; FormsetStorage->SpareStrLen = CONFIG_REQUEST_STRING_INCREMENTAL; } - StrCat (FormsetStorage->ConfigRequest, RequestElement); + StrCatS (FormsetStorage->ConfigRequest, MaxLen, RequestElement); FormsetStorage->ElementCount++; FormsetStorage->SpareStrLen -= StrLen; // // Update the Config Request info saved in the form. @@ -780,30 +783,32 @@ InitializeRequestElement ( ASSERT (ConfigInfo->ConfigRequest != NULL); ConfigInfo->SpareStrLen = 0; ConfigInfo->Storage = FormsetStorage->BrowserStorage; InsertTailList(&Form->ConfigRequestHead, &ConfigInfo->Link); } + StringSize = (ConfigInfo->ConfigRequest != NULL) ? StrSize (ConfigInfo->ConfigRequest) : sizeof (CHAR16); + MaxLen = StringSize / sizeof (CHAR16) + ConfigInfo->SpareStrLen; // // Append <RequestElement> to <ConfigRequest> // if (StrLen > ConfigInfo->SpareStrLen) { // // Old String buffer is not sufficient for RequestElement, allocate a new one // - StringSize = (ConfigInfo->ConfigRequest != NULL) ? StrSize (ConfigInfo->ConfigRequest) : sizeof (CHAR16); - NewStr = AllocateZeroPool (StringSize + CONFIG_REQUEST_STRING_INCREMENTAL * sizeof (CHAR16)); + MaxLen = StringSize / sizeof (CHAR16) + CONFIG_REQUEST_STRING_INCREMENTAL; + NewStr = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (NewStr != NULL); if (ConfigInfo->ConfigRequest != NULL) { CopyMem (NewStr, ConfigInfo->ConfigRequest, StringSize); FreePool (ConfigInfo->ConfigRequest); } ConfigInfo->ConfigRequest = NewStr; ConfigInfo->SpareStrLen = CONFIG_REQUEST_STRING_INCREMENTAL; } - StrCat (ConfigInfo->ConfigRequest, RequestElement); + StrCatS (ConfigInfo->ConfigRequest, MaxLen, RequestElement); ConfigInfo->ElementCount++; ConfigInfo->SpareStrLen -= StrLen; return EFI_SUCCESS; } diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c index 4d28617..8b1bb00 100644 --- a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c +++ b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c @@ -633,10 +633,11 @@ ProcessStorage ( CHAR16 *ConfigResp; EFI_STATUS Status; CHAR16 *StrPtr; UINTN BufferSize; UINTN TmpSize; + UINTN MaxLen; FORMSET_STORAGE *BrowserStorage; if (RetrieveData) { // // Generate <ConfigResp> @@ -658,11 +659,11 @@ ProcessStorage ( // // Copy the data if the input buffer is bigger enough. // if (*ResultsDataSize >= BufferSize) { - StrCpy (*ResultsData, StrPtr); + StrCpyS (*ResultsData, *ResultsDataSize / sizeof (CHAR16), StrPtr); } *ResultsDataSize = BufferSize; FreePool (ConfigResp); } else { @@ -671,16 +672,17 @@ ProcessStorage ( // BrowserStorage = GetFstStgFromBrsStg (Storage); ASSERT (BrowserStorage != NULL); TmpSize = StrLen (*ResultsData); BufferSize = (TmpSize + StrLen (BrowserStorage->ConfigHdr) + 2) * sizeof (CHAR16); + MaxLen = BufferSize / sizeof (CHAR16); ConfigResp = AllocateZeroPool (BufferSize); ASSERT (ConfigResp != NULL); - StrCpy (ConfigResp, BrowserStorage->ConfigHdr); - StrCat (ConfigResp, L"&"); - StrCat (ConfigResp, *ResultsData); + StrCpyS (ConfigResp, MaxLen, BrowserStorage->ConfigHdr); + StrCatS (ConfigResp, MaxLen, L"&"); + StrCatS (ConfigResp, MaxLen, *ResultsData); // // Update Browser uncommited data // Status = ConfigRespToStorage (Storage, ConfigResp); @@ -1077,23 +1079,23 @@ NewStringCat ( IN OUT CHAR16 **Dest, IN CHAR16 *Src ) { CHAR16 *NewString; - UINTN TmpSize; + UINTN MaxLen; if (*Dest == NULL) { NewStringCpy (Dest, Src); return; } - TmpSize = StrSize (*Dest); - NewString = AllocateZeroPool (TmpSize + StrSize (Src) - 1); + MaxLen = ( StrSize (*Dest) + StrSize (Src) - 1) / sizeof (CHAR16); + NewString = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (NewString != NULL); - StrCpy (NewString, *Dest); - StrCat (NewString, Src); + StrCpyS (NewString, MaxLen, *Dest); + StrCatS (NewString, MaxLen, Src); FreePool (*Dest); *Dest = NewString; } @@ -1439,11 +1441,11 @@ BufferToValue ( Status = EFI_BUFFER_TOO_SMALL; } else { DstBuf = (CHAR16 *) Dst; ZeroMem (TemStr, sizeof (TemStr)); for (Index = 0; Index < LengthStr; Index += 4) { - StrnCpy (TemStr, Value + Index, 4); + StrnCpyS (TemStr, sizeof (TemStr) / sizeof (CHAR16), Value + Index, 4); DstBuf[Index/4] = (CHAR16) StrHexToUint64 (TemStr); } // // Add tailing L'\0' character // @@ -1503,10 +1505,11 @@ GetQuestionValue ( CHAR16 *Progress; CHAR16 *Result; CHAR16 *Value; UINTN Length; BOOLEAN IsBufferStorage; + UINTN MaxLen; Status = EFI_SUCCESS; Value = NULL; Result = NULL; @@ -1693,19 +1696,21 @@ GetQuestionValue ( Length += StrLen (Question->BlockName); } else { Length = StrLen (FormsetStorage->ConfigHdr); Length += StrLen (Question->VariableName) + 1; } - ConfigRequest = AllocateZeroPool ((Length + 1) * sizeof (CHAR16)); + // Allocate buffer include '\0' + MaxLen = Length + 1; + ConfigRequest = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (ConfigRequest != NULL); - StrCpy (ConfigRequest, FormsetStorage->ConfigHdr); + StrCpyS (ConfigRequest, MaxLen, FormsetStorage->ConfigHdr); if (IsBufferStorage) { - StrCat (ConfigRequest, Question->BlockName); + StrCatS (ConfigRequest, MaxLen, Question->BlockName); } else { - StrCat (ConfigRequest, L"&"); - StrCat (ConfigRequest, Question->VariableName); + StrCatS (ConfigRequest, MaxLen, L"&"); + StrCatS (ConfigRequest, MaxLen, Question->VariableName); } // // Request current settings from Configuration Driver // @@ -1807,10 +1812,11 @@ SetQuestionValue ( UINT8 *TemBuffer; CHAR16 *TemName; CHAR16 *TemString; UINTN Index; NAME_VALUE_NODE *Node; + UINTN MaxLen; Status = EFI_SUCCESS; Node = NULL; if (SetValueTo >= GetSetValueWithMax) { @@ -1991,21 +1997,22 @@ SetQuestionValue ( } else { Length += (StorageWidth * 2); } FormsetStorage = GetFstStgFromVarId(FormSet, Question->VarStoreId); ASSERT (FormsetStorage != NULL); - ConfigResp = AllocateZeroPool ((StrLen (FormsetStorage->ConfigHdr) + Length + 1) * sizeof (CHAR16)); + MaxLen = StrLen (FormsetStorage->ConfigHdr) + Length + 1; + ConfigResp = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (ConfigResp != NULL); - StrCpy (ConfigResp, FormsetStorage->ConfigHdr); + StrCpyS (ConfigResp, MaxLen, FormsetStorage->ConfigHdr); if (IsBufferStorage) { - StrCat (ConfigResp, Question->BlockName); - StrCat (ConfigResp, L"&VALUE="); + StrCatS (ConfigResp, MaxLen, Question->BlockName); + StrCatS (ConfigResp, MaxLen, L"&VALUE="); } else { - StrCat (ConfigResp, L"&"); - StrCat (ConfigResp, Question->VariableName); - StrCat (ConfigResp, L"="); + StrCatS (ConfigResp, MaxLen, L"&"); + StrCatS (ConfigResp, MaxLen, Question->VariableName); + StrCatS (ConfigResp, MaxLen, L"="); } Value = ConfigResp + StrLen (ConfigResp); if (!IsBufferStorage && IsString) { @@ -4876,33 +4883,36 @@ AppendConfigRequest ( ) { CHAR16 *NewStr; UINTN StringSize; UINTN StrLength; + UINTN MaxLen; StrLength = StrLen (RequestElement); + StringSize = (*ConfigRequest != NULL) ? StrSize (*ConfigRequest) : sizeof (CHAR16); + MaxLen = StringSize / sizeof (CHAR16) + *SpareStrLen; // // Append <RequestElement> to <ConfigRequest> // if (StrLength > *SpareStrLen) { // // Old String buffer is not sufficient for RequestElement, allocate a new one // - StringSize = (*ConfigRequest != NULL) ? StrSize (*ConfigRequest) : sizeof (CHAR16); - NewStr = AllocateZeroPool (StringSize + CONFIG_REQUEST_STRING_INCREMENTAL * sizeof (CHAR16)); + MaxLen = StringSize / sizeof (CHAR16) + CONFIG_REQUEST_STRING_INCREMENTAL; + NewStr = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (NewStr != NULL); if (*ConfigRequest != NULL) { CopyMem (NewStr, *ConfigRequest, StringSize); FreePool (*ConfigRequest); } *ConfigRequest = NewStr; *SpareStrLen = CONFIG_REQUEST_STRING_INCREMENTAL; } - StrCat (*ConfigRequest, RequestElement); + StrCatS (*ConfigRequest, MaxLen, RequestElement); *SpareStrLen -= StrLength; } /** Adjust the config request info, remove the request elements which already in AllConfigRequest string. -- 1.9.5.msysgit.1 ------------------------------------------------------------------------------ Monitor 25 network devices or servers for free with OpManager! OpManager is web-based network management software that monitors network devices and physical & virtual servers, alerts via email & sms for fault. Monitor 25 devices for free with no restriction. Download now http://ad.doubleclick.net/ddm/clk/292181274;119417398;o _______________________________________________ edk2-devel mailing list edk2-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/edk2-devel
