diff options
author | Zhang Lubo <lubo.zhang@intel.com> | 2015-07-08 06:59:50 +0000 |
---|---|---|
committer | luobozhang <luobozhang@Edk2> | 2015-07-08 06:59:50 +0000 |
commit | c2a65e233ae82090b63e9d170401fad546957fdf (patch) | |
tree | fefd71fb991539dc5969a649b6d413e11e5b1618 /SecurityPkg/VariableAuthenticated | |
parent | 206b5f51beb15a22417c42e846678425de60c556 (diff) | |
download | edk2-c2a65e233ae82090b63e9d170401fad546957fdf.tar.gz edk2-c2a65e233ae82090b63e9d170401fad546957fdf.tar.bz2 edk2-c2a65e233ae82090b63e9d170401fad546957fdf.zip |
SecurityPkg:Replace unsafe string functions.
Replace unsafe string functions with new added safe string functions.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Zhang Lubo <lubo.zhang@intel.com>
Reviewed-by: Fu Siyuan <siyuan.fu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17882 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated')
3 files changed, 20 insertions, 17 deletions
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c index f08adf038a..9b167552bb 100644 --- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c +++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c @@ -1,7 +1,7 @@ /** @file
The implementation of Extended SAL variable services.
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -736,7 +736,7 @@ UpdateVariableInfo ( CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
gVariableInfo->Name = AllocatePool (StrSize (VariableName));
ASSERT (gVariableInfo->Name != NULL);
- StrCpy (gVariableInfo->Name, VariableName);
+ StrCpyS (gVariableInfo->Name, StrSize (VariableName) / sizeof (CHAR16), VariableName);
gVariableInfo->Volatile = Volatile;
gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid, gVariableInfo);
@@ -778,7 +778,7 @@ UpdateVariableInfo ( CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
Entry->Next->Name = AllocatePool (StrSize (VariableName));
ASSERT (Entry->Next->Name != NULL);
- StrCpy (Entry->Next->Name, VariableName);
+ StrCpyS (Entry->Next->Name, StrSize (VariableName) / sizeof (CHAR16), VariableName);
Entry->Next->Volatile = Volatile;
}
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c index 5ca013c92d..e1fd78db4e 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c @@ -1,7 +1,7 @@ /** @file
Internal file explorer functions for SecureBoot configuration module.
-Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -139,6 +139,7 @@ AppendFileName ( {
UINTN Size1;
UINTN Size2;
+ UINTN BufferSize;
CHAR16 *Str;
CHAR16 *TmpStr;
CHAR16 *Ptr;
@@ -146,18 +147,20 @@ AppendFileName ( Size1 = StrSize (Str1);
Size2 = StrSize (Str2);
- Str = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
+ BufferSize = Size1 + Size2 + sizeof (CHAR16);
+ Str = AllocateZeroPool (BufferSize);
ASSERT (Str != NULL);
- TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
+ TmpStr = AllocateZeroPool (BufferSize);
ASSERT (TmpStr != NULL);
- StrCat (Str, Str1);
+ StrCatS (Str, BufferSize / sizeof (CHAR16), Str1);
+
if (!((*Str == '\\') && (*(Str + 1) == 0))) {
- StrCat (Str, L"\\");
+ StrCatS (Str, BufferSize / sizeof (CHAR16), L"\\");
}
- StrCat (Str, Str2);
+ StrCatS (Str, BufferSize / sizeof (CHAR16), Str2);
Ptr = Str;
LastSlash = Str;
@@ -170,11 +173,11 @@ AppendFileName ( //
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 3);
- StrCpy (LastSlash, TmpStr);
+ StrCpyS (TmpStr, BufferSize / sizeof (CHAR16), Ptr + 3);
+ StrCpyS (LastSlash, BufferSize / sizeof (CHAR16), TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '\\') {
//
@@ -182,11 +185,11 @@ AppendFileName ( //
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 2);
- StrCpy (Ptr, TmpStr);
+ StrCpyS (TmpStr, BufferSize / sizeof (CHAR16), Ptr + 2);
+ StrCpyS (Ptr, BufferSize / sizeof (CHAR16), TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\') {
LastSlash = Ptr;
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c index 13c7c27387..a83504e787 100644 --- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c +++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c @@ -1,7 +1,7 @@ /** @file
Helper functions for SecureBoot configuration module.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -184,7 +184,7 @@ StringToGuid ( return EFI_OUT_OF_RESOURCES;
}
- StrCpy (Buffer, Str);
+ StrCpyS (Buffer, (StrLen + 1), Str);
//
// Data1
|