Replace unsafe string functions with new added safe string functions.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zh...@intel.com>
---
.../DxeTcgPhysicalPresenceLib.c | 90 +++++++++++-----------
.../DxeTrEEPhysicalPresenceLib.c | 18 ++---
.../UserProfileManagerDxe/UserProfileModify.c | 8 +-
.../EsalVariableDxeSal/Variable.c | 6 +-
.../VariableAuthenticated/RuntimeDxe/VarCheck.c | 2 +-
.../VariableAuthenticated/RuntimeDxe/Variable.c | 8 +-
.../SecureBootConfigFileExplorer.c | 23 +++---
.../SecureBootConfigDxe/SecureBootConfigMisc.c | 4 +-
8 files changed, 81 insertions(+), 78 deletions(-)
diff --git
a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
index 7fbeb0a..913fd1d 100644
--- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
@@ -542,11 +542,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DISABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));
@@ -554,15 +554,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));
@@ -570,11 +570,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));
@@ -582,15 +582,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_CLEAR:
CautionKey = TRUE;
@@ -599,16 +599,16 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_ENABLE_ACTIVATE));
@@ -616,15 +616,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_DEACTIVATE_DISABLE));
@@ -632,19 +632,19 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_ALLOW_TAKE_OWNERSHIP));
@@ -652,11 +652,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_DISALLOW_TAKE_OWNERSHIP));
@@ -664,11 +664,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));
@@ -676,15 +676,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));
@@ -692,19 +692,19 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
CautionKey = TRUE;
@@ -713,15 +713,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_UPGRADE_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_MAINTAIN));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
//
@@ -738,23 +738,23 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR_CONT));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_NO_PPI_PROVISION));
@@ -762,15 +762,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
CautionKey = TRUE;
@@ -779,24 +779,24 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
CautionKey = TRUE;
@@ -805,19 +805,19 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_MAINTAIN));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
CautionKey = TRUE;
@@ -826,16 +826,16 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
CautionKey = TRUE;
@@ -844,23 +844,23 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR_CONT));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
default:
;
@@ -875,11 +875,11 @@ UserConfirm (
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1,
TmpStr2);
DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpy(DstStr, ConfirmText + Index, 80);
+ StrCpyS(DstStr, 81, ConfirmText + Index);
Print (DstStr);
}
FreePool (TmpStr1);
FreePool (TmpStr2);
diff --git
a/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
b/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
index 9ff9d88..a0e2435 100644
---
a/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
+++
b/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
@@ -259,16 +259,16 @@ TrEEUserConfirm (
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
CautionKey = TRUE;
@@ -277,24 +277,24 @@ TrEEUserConfirm (
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_NOTE_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
default:
;
@@ -309,11 +309,11 @@ TrEEUserConfirm (
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1,
TmpStr2);
DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpy(DstStr, ConfirmText + Index, 80);
+ StrCpyS(DstStr, 81, ConfirmText + Index);
Print (DstStr);
}
FreePool (TmpStr1);
FreePool (TmpStr2);
diff --git
a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
index 67fc300..124adc0 100644
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
+++ b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
@@ -1,9 +1,9 @@
/** @file
The functions to modify a user profile.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -343,15 +343,15 @@ AddStr (
TmpStr = AllocateZeroPool (StrLength);
ASSERT (TmpStr != NULL);
if (*Source1 == NULL) {
- StrCpy (TmpStr, Source2);;
+ StrCpyS (TmpStr, StrLength / sizeof (CHAR16), Source2);
} else {
- StrCpy (TmpStr, *Source1);
+ StrCpyS (TmpStr, StrLength / sizeof (CHAR16), *Source1);
FreePool (*Source1);
- StrCat (TmpStr, Source2);
+ StrCatS (TmpStr, (StrLength - StrSize(Source1) + 2)/ sizeof
(CHAR16),Source2);
}
*Source1 = TmpStr;
}
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
index 0b2775d..7730022 100644
--- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
@@ -1,9 +1,9 @@
/** @file
The implementation of Extended SAL variable services.
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -734,11 +734,11 @@ UpdateVariableInfo (
ASSERT (gVariableInfo != NULL);
CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
gVariableInfo->Name = AllocatePool (StrSize (VariableName));
ASSERT (gVariableInfo->Name != NULL);
- StrCpy (gVariableInfo->Name, VariableName);
+ StrCpyS (gVariableInfo->Name, StrSize (VariableName) / sizeof (CHAR16),
VariableName);
gVariableInfo->Volatile = Volatile;
gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid,
gVariableInfo);
}
@@ -776,11 +776,11 @@ UpdateVariableInfo (
ASSERT (Entry->Next != NULL);
CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
Entry->Next->Name = AllocatePool (StrSize (VariableName));
ASSERT (Entry->Next->Name != NULL);
- StrCpy (Entry->Next->Name, VariableName);
+ StrCpyS (Entry->Next->Name, StrSize (VariableName) / sizeof (CHAR16),
VariableName);
Entry->Next->Volatile = Volatile;
}
}
}
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
index 740632f..64708fd 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/VarCheck.c
@@ -1158,11 +1158,11 @@ VarCheckVariablePropertySet (
if (Entry == NULL) {
Status = EFI_OUT_OF_RESOURCES;
goto Done;
}
VariableName = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));
- StrnCpy (VariableName, Name, StrLen (Name));
+ StrCpyS (VariableName, StrSize (Name) / sizeof (CHAR16), Name);
CopyGuid (&Entry->Guid, Guid);
CopyMem (&Entry->VariableProperty, VariableProperty, sizeof
(*VariableProperty));
InsertTailList (&mVarCheckVariableList, &Entry->Link);
}
diff --git a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
index 15d0531..b30289e 100644
--- a/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/RuntimeDxe/Variable.c
@@ -126,11 +126,11 @@ UpdateVariableInfo (
ASSERT (gVariableInfo != NULL);
CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
gVariableInfo->Name = AllocatePool (StrSize (VariableName));
ASSERT (gVariableInfo->Name != NULL);
- StrCpy (gVariableInfo->Name, VariableName);
+ StrCpyS (gVariableInfo->Name, StrSize (VariableName) / sizeof (CHAR16),
VariableName);
gVariableInfo->Volatile = Volatile;
}
for (Entry = gVariableInfo; Entry != NULL; Entry = Entry->Next) {
@@ -162,11 +162,11 @@ UpdateVariableInfo (
ASSERT (Entry->Next != NULL);
CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
Entry->Next->Name = AllocatePool (StrSize (VariableName));
ASSERT (Entry->Next->Name != NULL);
- StrCpy (Entry->Next->Name, VariableName);
+ StrCpyS (Entry->Next->Name, StrSize (VariableName) / sizeof (CHAR16),
VariableName);
Entry->Next->Volatile = Volatile;
}
}
}
@@ -1092,11 +1092,11 @@ Reclaim (
goto Done;
}
CopyMem (CurrPtr, (UINT8*) PubKeyHeader, sizeof (VARIABLE_HEADER));
Variable = (VARIABLE_HEADER*) CurrPtr;
Variable->DataSize = NewPubKeySize;
- StrCpy (GetVariableNamePtr (Variable), GetVariableNamePtr (PubKeyHeader));
+ StrCpyS (GetVariableNamePtr (Variable), sizeof (VARIABLE_HEADER) / sizeof
(CHAR16), GetVariableNamePtr (PubKeyHeader));
CopyMem (GetVariableDataPtr (Variable), NewPubKeyStore, NewPubKeySize);
CurrPtr = (UINT8*) GetNextVariablePtr (Variable);
CommonVariableTotalSize += (UINTN) CurrPtr - (UINTN) Variable;
if (IsUserVariable (Variable)) {
CommonUserVariableTotalSize += (UINTN) CurrPtr - (UINTN) Variable;
@@ -2873,11 +2873,11 @@ VariableLockRequestToLock (
goto Done;
}
}
Name = (CHAR16 *) ((UINTN) Entry + sizeof (*Entry));
- StrnCpy (Name, VariableName, StrLen (VariableName));
+ StrCpyS (Name, StrSize (VariableName) / sizeof (CHAR16), VariableName);
CopyGuid (&Entry->Guid, VendorGuid);
InsertTailList (&mLockedVariableList, &Entry->Link);
Done:
ReleaseLockOnlyAtBootTime
(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock);
diff --git
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
index 5ca013c..163c310 100644
---
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
+++
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
@@ -1,9 +1,9 @@
/** @file
Internal file explorer functions for SecureBoot configuration module.
-Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -137,10 +137,11 @@ AppendFileName (
IN CHAR16 *Str2
)
{
UINTN Size1;
UINTN Size2;
+ UINTN SizeTemp;
CHAR16 *Str;
CHAR16 *TmpStr;
CHAR16 *Ptr;
CHAR16 *LastSlash;
@@ -150,16 +151,18 @@ AppendFileName (
ASSERT (Str != NULL);
TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
ASSERT (TmpStr != NULL);
- StrCat (Str, Str1);
+ StrCatS (Str, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16), Str1);
+ SizeTemp = Size1 + Size2 + sizeof (CHAR16);
if (!((*Str == '\\') && (*(Str + 1) == 0))) {
- StrCat (Str, L"\\");
+ StrCatS (Str, (Size2 + sizeof (CHAR16)) / sizeof (CHAR16), L"\\");
+ SizeTemp = Size2 + sizeof (CHAR16);
}
- StrCat (Str, Str2);
+ StrCatS (Str, SizeTemp / sizeof (CHAR16), Str2);
Ptr = Str;
LastSlash = Str;
while (*Ptr != 0) {
if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '.' && *(Ptr + 3)
== L'\\') {
@@ -168,27 +171,27 @@ AppendFileName (
// DO NOT convert the .. if it is at the end of the string. This will
// break the .. behavior in changing directories.
//
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of
two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of
two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 3);
- StrCpy (LastSlash, TmpStr);
+ StrCpyS (TmpStr, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
Ptr + 3);
+ StrCpyS (LastSlash, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '\\') {
//
// Convert a "\.\" to a "\"
//
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of
two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of
two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 2);
- StrCpy (Ptr, TmpStr);
+ StrCpyS (TmpStr, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
Ptr + 2);
+ StrCpyS (Ptr, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\') {
LastSlash = Ptr;
}
diff --git
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
index 13c7c27..a83504e 100644
---
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
+++
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
@@ -1,9 +1,9 @@
/** @file
Helper functions for SecureBoot configuration module.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -182,11 +182,11 @@ StringToGuid (
Buffer = (CHAR16 *) AllocateZeroPool (sizeof (CHAR16) * (StrLen + 1));
if (Buffer == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- StrCpy (Buffer, Str);
+ StrCpyS (Buffer, (StrLen + 1), Str);
//
// Data1
//
PtrBuffer = Buffer;
--
1.9.5.msysgit.1
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel
