summaryrefslogtreecommitdiffstats
path: root/SecurityPkg/VariableAuthenticated
diff options
context:
space:
mode:
authorZhang Lubo <lubo.zhang@intel.com>2015-07-08 06:59:50 +0000
committerluobozhang <luobozhang@Edk2>2015-07-08 06:59:50 +0000
commitc2a65e233ae82090b63e9d170401fad546957fdf (patch)
treefefd71fb991539dc5969a649b6d413e11e5b1618 /SecurityPkg/VariableAuthenticated
parent206b5f51beb15a22417c42e846678425de60c556 (diff)
downloadedk2-c2a65e233ae82090b63e9d170401fad546957fdf.tar.gz
edk2-c2a65e233ae82090b63e9d170401fad546957fdf.tar.bz2
edk2-c2a65e233ae82090b63e9d170401fad546957fdf.zip
SecurityPkg:Replace unsafe string functions.
Replace unsafe string functions with new added safe string functions. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Zhang Lubo <lubo.zhang@intel.com> Reviewed-by: Fu Siyuan <siyuan.fu@intel.com> Reviewed-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Jaben Carsey <jaben.carsey@intel.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17882 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'SecurityPkg/VariableAuthenticated')
-rw-r--r--SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c6
-rw-r--r--SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c27
-rw-r--r--SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c4
3 files changed, 20 insertions, 17 deletions
diff --git a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
index f08adf038a..9b167552bb 100644
--- a/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
+++ b/SecurityPkg/VariableAuthenticated/EsalVariableDxeSal/Variable.c
@@ -1,7 +1,7 @@
/** @file
The implementation of Extended SAL variable services.
-Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -736,7 +736,7 @@ UpdateVariableInfo (
CopyGuid (&gVariableInfo->VendorGuid, VendorGuid);
gVariableInfo->Name = AllocatePool (StrSize (VariableName));
ASSERT (gVariableInfo->Name != NULL);
- StrCpy (gVariableInfo->Name, VariableName);
+ StrCpyS (gVariableInfo->Name, StrSize (VariableName) / sizeof (CHAR16), VariableName);
gVariableInfo->Volatile = Volatile;
gBS->InstallConfigurationTable (&gEfiAuthenticatedVariableGuid, gVariableInfo);
@@ -778,7 +778,7 @@ UpdateVariableInfo (
CopyGuid (&Entry->Next->VendorGuid, VendorGuid);
Entry->Next->Name = AllocatePool (StrSize (VariableName));
ASSERT (Entry->Next->Name != NULL);
- StrCpy (Entry->Next->Name, VariableName);
+ StrCpyS (Entry->Next->Name, StrSize (VariableName) / sizeof (CHAR16), VariableName);
Entry->Next->Volatile = Volatile;
}
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
index 5ca013c92d..e1fd78db4e 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigFileExplorer.c
@@ -1,7 +1,7 @@
/** @file
Internal file explorer functions for SecureBoot configuration module.
-Copyright (c) 2012 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2012 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -139,6 +139,7 @@ AppendFileName (
{
UINTN Size1;
UINTN Size2;
+ UINTN BufferSize;
CHAR16 *Str;
CHAR16 *TmpStr;
CHAR16 *Ptr;
@@ -146,18 +147,20 @@ AppendFileName (
Size1 = StrSize (Str1);
Size2 = StrSize (Str2);
- Str = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
+ BufferSize = Size1 + Size2 + sizeof (CHAR16);
+ Str = AllocateZeroPool (BufferSize);
ASSERT (Str != NULL);
- TmpStr = AllocateZeroPool (Size1 + Size2 + sizeof (CHAR16));
+ TmpStr = AllocateZeroPool (BufferSize);
ASSERT (TmpStr != NULL);
- StrCat (Str, Str1);
+ StrCatS (Str, BufferSize / sizeof (CHAR16), Str1);
+
if (!((*Str == '\\') && (*(Str + 1) == 0))) {
- StrCat (Str, L"\\");
+ StrCatS (Str, BufferSize / sizeof (CHAR16), L"\\");
}
- StrCat (Str, Str2);
+ StrCatS (Str, BufferSize / sizeof (CHAR16), Str2);
Ptr = Str;
LastSlash = Str;
@@ -170,11 +173,11 @@ AppendFileName (
//
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 3);
- StrCpy (LastSlash, TmpStr);
+ StrCpyS (TmpStr, BufferSize / sizeof (CHAR16), Ptr + 3);
+ StrCpyS (LastSlash, BufferSize / sizeof (CHAR16), TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\' && *(Ptr + 1) == '.' && *(Ptr + 2) == '\\') {
//
@@ -182,11 +185,11 @@ AppendFileName (
//
//
- // Use TmpStr as a backup, as StrCpy in BaseLib does not handle copy of two strings
+ // Use TmpStr as a backup, as StrCpyS in BaseLib does not handle copy of two strings
// that overlap.
//
- StrCpy (TmpStr, Ptr + 2);
- StrCpy (Ptr, TmpStr);
+ StrCpyS (TmpStr, BufferSize / sizeof (CHAR16), Ptr + 2);
+ StrCpyS (Ptr, BufferSize / sizeof (CHAR16), TmpStr);
Ptr = LastSlash;
} else if (*Ptr == '\\') {
LastSlash = Ptr;
diff --git a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
index 13c7c27387..a83504e787 100644
--- a/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
+++ b/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigMisc.c
@@ -1,7 +1,7 @@
/** @file
Helper functions for SecureBoot configuration module.
-Copyright (c) 2012, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -184,7 +184,7 @@ StringToGuid (
return EFI_OUT_OF_RESOURCES;
}
- StrCpy (Buffer, Str);
+ StrCpyS (Buffer, (StrLen + 1), Str);
//
// Data1