MdePkg/BaseLib: Avoid reading content beyond string boundary - edk2 - Cross-platform firmware development environment

diff options

author	Hao Wu <hao.a.wu@intel.com>	2017-09-19 11:01:56 +0800
committer	Hao Wu <hao.a.wu@intel.com>	2017-09-21 14:06:28 +0800
commit	9fdf31789a7088736bc574f6802f4a97b5ef2e97 (patch)
tree	693bfefa2e79907fab576d561fd81a27647fea92 /BaseTools/Source/Python/UPT/Object/Parser/DecObject.py
parent	8c3e4688e0d8e6c218a98855d98976ce46dbb29e (diff)
download	edk2-9fdf31789a7088736bc574f6802f4a97b5ef2e97.tar.gz edk2-9fdf31789a7088736bc574f6802f4a97b5ef2e97.tar.bz2 edk2-9fdf31789a7088736bc574f6802f4a97b5ef2e97.zip

MdePkg/BaseLib: Avoid reading content beyond string boundary

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=705 As mentioned in the above Bugzilla link by Steven, within the function PathCleanUpDirectories(), when executing command: "cd ." under Shell, the input parameter 'Path' string will have string length less than 2. Hence, it is possible for the below statement: "if (StrCmp (Path + StrLen (Path) - 2, L"\\.") == 0) {" to read contents before the string boundary. This commit adds additional checks to avoid this. Cc: Steven Shi <steven.shi@intel.com> Cc: Michael Kinney <michael.d.kinney@intel.com> Cc: Liming Gao <liming.gao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu <hao.a.wu@intel.com> Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>

Diffstat (limited to 'BaseTools/Source/Python/UPT/Object/Parser/DecObject.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: