This commit will resolve issue brought by r17740.
BufferToReturn = AllocateCopyPool(SizeRequired, String);
The above using of AllocateCopyPool() will cause ASSERT if 'String' is
NULL. Therefore, proper check for 'String' is needed.
The above using of AllocateCopyPool() will read contents out of the scope
of 'String'. Potential risk for 'String' allocated at the boundary of
memory region.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a...@intel.com>
---
IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c
b/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c
index 9a9503e..fbf9403 100644
--- a/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c
+++ b/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c
@@ -754,12 +754,18 @@ CatVSPrint (
SizeRequired = sizeof(CHAR16) + (CharactersRequired * sizeof(CHAR16));
}
- BufferToReturn = AllocateCopyPool(SizeRequired, String);
+ BufferToReturn = AllocatePool(SizeRequired);
if (BufferToReturn == NULL) {
return NULL;
}
+ BufferToReturn[0] = L'\0';
+
+ if (String != NULL) {
+ StrCpyS(BufferToReturn, SizeRequired, String);
+ }
+
UnicodeVSPrint(BufferToReturn + StrLen(BufferToReturn),
(CharactersRequired+1) * sizeof(CHAR16), FormatString, Marker);
ASSERT(StrSize(BufferToReturn)==SizeRequired);
--
1.9.5.msysgit.0
------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel
