Message-ID: <430d38d6-8694-47bd-bc68-02903252863b@LUBOZHAN-MOBL.local>
X-Mailer: TortoiseGit
MIME-Version: 1.0
Content-Type: text/plain;
Version v3 including the following updates relative to original one:
Use StrCats instead of StrnCat form.
Change the 2nd parameter in safe function from max free buffer size to max size.
Update Copyright year.
Replace unsafe string functions with new added safe string functions.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zh...@intel.com>
Reviewed-by: Fu Siyuan <siyuan...@intel.com>
Reviewed-by: Qiu Shumin <shumin....@intel.com>
Reviewed-by: Jaben Carsey <jaben.car...@intel.com>
---
.../DxeTcgPhysicalPresenceLib.c | 90 +++++++++++-----------
.../DxeTrEEPhysicalPresenceLib.c | 18 ++---
.../UserProfileManagerDxe/UserProfileModify.c | 8 +-
.../EsalVariableDxeSal/Variable.c | 6 +-
.../SecureBootConfigFileExplorer.c | 21 ++---
.../SecureBootConfigDxe/SecureBootConfigMisc.c | 4 +-
6 files changed, 74 insertions(+), 73 deletions(-)
diff --git
a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
index 7fbeb0a..913fd1d 100644
--- a/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
+++ b/SecurityPkg/Library/DxeTcgPhysicalPresenceLib/DxeTcgPhysicalPresenceLib.c
@@ -542,11 +542,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DISABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DISABLE));
@@ -554,15 +554,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACTIVATE));
@@ -570,11 +570,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_DEACTIVATE));
@@ -582,15 +582,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_CLEAR:
CautionKey = TRUE;
@@ -599,16 +599,16 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_ENABLE_ACTIVATE));
@@ -616,15 +616,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_DEACTIVATE_DISABLE));
@@ -632,19 +632,19 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_ALLOW_TAKE_OWNERSHIP));
@@ -652,11 +652,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_OWNER_INSTALL_FALSE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_DISALLOW_TAKE_OWNERSHIP));
@@ -664,11 +664,11 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_OWNER_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_ON));
@@ -676,15 +676,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEACTIVATE_DISABLE_OWNER_FALSE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_TURN_OFF));
@@ -692,19 +692,19 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_OFF));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_WARNING));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_DEFERRED_PP_UNOWNERED_FIELD_UPGRADE:
CautionKey = TRUE;
@@ -713,15 +713,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_UPGRADE_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_MAINTAIN));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_OPERATOR_AUTH:
//
@@ -738,23 +738,23 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR_CONT));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_PROVISION_TRUE:
TmpStr2 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_NO_PPI_PROVISION));
@@ -762,15 +762,15 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_ACCEPT_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
CautionKey = TRUE;
@@ -779,24 +779,24 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_SET_NO_PPI_MAINTENANCE_TRUE:
CautionKey = TRUE;
@@ -805,19 +805,19 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_MAINTAIN));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR:
CautionKey = TRUE;
@@ -826,16 +826,16 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case PHYSICAL_PRESENCE_ENABLE_ACTIVATE_CLEAR_ENABLE_ACTIVATE:
CautionKey = TRUE;
@@ -844,23 +844,23 @@ UserConfirm (
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_NOTE_ON));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR_CONT));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = PhysicalPresenceGetStringById (STRING_TOKEN (TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
default:
;
@@ -875,11 +875,11 @@ UserConfirm (
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1,
TmpStr2);
DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpy(DstStr, ConfirmText + Index, 80);
+ StrCpyS(DstStr, 81, ConfirmText + Index);
Print (DstStr);
}
FreePool (TmpStr1);
FreePool (TmpStr2);
diff --git
a/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
b/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
index 9ff9d88..a0e2435 100644
---
a/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
+++
b/SecurityPkg/Library/DxeTrEEPhysicalPresenceLib/DxeTrEEPhysicalPresenceLib.c
@@ -259,16 +259,16 @@ TrEEUserConfirm (
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
case TREE_PHYSICAL_PRESENCE_SET_NO_PPI_CLEAR_TRUE:
CautionKey = TRUE;
@@ -277,24 +277,24 @@ TrEEUserConfirm (
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_PPI_HEAD_STR));
UnicodeSPrint (ConfirmText, BufSize, TmpStr1, TmpStr2);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_NOTE_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_WARNING_CLEAR));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
- StrnCat (ConfirmText, L" \n\n", (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), L" \n\n");
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_CAUTION_KEY));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
TmpStr1 = TrEEPhysicalPresenceGetStringById (STRING_TOKEN
(TPM_NO_PPI_INFO));
- StrnCat (ConfirmText, TmpStr1, (BufSize / sizeof (CHAR16)) - StrLen
(ConfirmText) - 1);
+ StrCatS (ConfirmText, BufSize / sizeof (CHAR16), TmpStr1);
FreePool (TmpStr1);
break;
default:
;
@@ -309,11 +309,11 @@ TrEEUserConfirm (
BufSize -= StrSize (ConfirmText);
UnicodeSPrint (ConfirmText + StrLen (ConfirmText), BufSize, TmpStr1,
TmpStr2);
DstStr[80] = L'\0';
for (Index = 0; Index < StrLen (ConfirmText); Index += 80) {
- StrnCpy(DstStr, ConfirmText + Index, 80);
+ StrCpyS(DstStr, 81, ConfirmText + Index);
Print (DstStr);
}
FreePool (TmpStr1);
FreePool (TmpStr2);
diff --git
a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
index 67fc300..241d919 100644
--- a/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
+++ b/SecurityPkg/UserIdentification/UserProfileManagerDxe/UserProfileModify.c
@@ -1,9 +1,9 @@
/** @file
The functions to modify a user profile.
-Copyright (c) 2009 - 2011, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -343,15 +343,15 @@ AddStr (
TmpStr = AllocateZeroPool (StrLength);
ASSERT (TmpStr != NULL);
if (*Source1 == NULL) {
- StrCpy (TmpStr, Source2);;
+ StrCpyS (TmpStr, StrLength / sizeof (CHAR16), Source2);
} else {
- StrCpy (TmpStr, *Source1);
+ StrCpyS (TmpStr, StrLength / sizeof (CHAR16), *Source1);
FreePool (*Source1);
- StrCat (TmpStr, Source2);
+ StrCatS (TmpStr, StrLength / sizeof (CHAR16),Source2);
}
*Source1 = TmpStr;
}
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
index f08adf0..9b16755 100644
--- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
@@ -1,9 +1,9 @@
/** @file
The implementation of Extended SAL variable services.
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -734,11 +734,11 @@ UpdateVariableInfo (
ASSERT (gVariableInfo != NULL);
CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
gVariableInfo->Name = AllocatePool (StrSize (VariableName));
ASSERT (gVariableInfo->Name != NULL);
- StrCpy (gVariableInfo->Name, VariableName);
+ StrCpyS (gVariableInfo->Name, StrSize (VariableName) / sizeof (CHAR16),
VariableName);
gVariableInfo->Volatile = Volatile;
gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid,
gVariableInfo);
}
@@ -776,11 +776,11 @@ UpdateVariableInfo (
ASSERT (Entry->Next != NULL);
CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
Entry->Next->Name = AllocatePool (StrSize (VariableName));
ASSERT (Entry->Next->Name != NULL);
- StrCpy (Entry->Next->Name, VariableName);
+ StrCpyS (Entry->Next->Name, StrSize (VariableName) / sizeof (CHAR16),
VariableName);
Entry->Next->Volatile = Volatile;
}
}
}
diff --git
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
index 5ca013c..cca3b3a 100644
---
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
+++
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
@@ -1,9 +1,9 @@
/** @file
Internal file explorer functions for SecureBoot configuration module.
-Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -150,16 +150,17 @@ AppendFileName (
ASSERT (Str != NULL);
TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
ASSERT (TmpStr != NULL);
- StrCat (Str, Str1);
+ StrCatS (Str, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16), Str1);
+
if (!((*Str == '\\') && (*(Str + 1) == 0))) {
- StrCat (Str, L"\\");
+ StrCatS (Str, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16), L"\\");
}
- StrCat (Str, Str2);
+ StrCatS (Str, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16), Str2);
Ptr = Str;
LastSlash = Str;
while (*Ptr != 0) {
if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '.' && *(Ptr + 3)
== L'\\') {
@@ -168,27 +169,27 @@ AppendFileName (
// DO NOT convert the .. if it is at the end of the string. This will
// break the .. behavior in changing directories.
//
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of
two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of
two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 3);
- StrCpy (LastSlash, TmpStr);
+ StrCpyS (TmpStr, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
Ptr + 3);
+ StrCpyS (LastSlash, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '\\') {
//
// Convert a "\.\" to a "\"
//
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of
two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of
two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 2);
- StrCpy (Ptr, TmpStr);
+ StrCpyS (TmpStr, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
Ptr + 2);
+ StrCpyS (Ptr, (Size1 + Size2 + sizeof (CHAR16)) / sizeof (CHAR16),
TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\') {
LastSlash = Ptr;
}
diff --git
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
index 13c7c27..a83504e 100644
---
a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
+++
b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
@@ -1,9 +1,9 @@
/** @file
Helper functions for SecureBoot configuration module.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD
License
which accompanies this distribution. The full text of the license may be
found at
http://opensource.org/licenses/bsd-license.php
@@ -182,11 +182,11 @@ StringToGuid (
Buffer = (CHAR16 *) AllocateZeroPool (sizeof (CHAR16) * (StrLen + 1));
if (Buffer == NULL) {
return EFI_OUT_OF_RESOURCES;
}
- StrCpy (Buffer, Str);
+ StrCpyS (Buffer, (StrLen + 1), Str);
//
// Data1
//
PtrBuffer = Buffer;
--
1.9.5.msysgit.1
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel
