From 4129b837ae45db17c14b94f3a016915901443b93 Mon Sep 17 00:00:00 2001 From: Hao Wu Date: Fri, 10 Jul 2015 01:08:05 +0000 Subject: IntelFrameworkPkg FrameworkUefiLib: Fix ASSERT in CatVSPrint This commit will resolve issue brought by r17740. BufferToReturn = AllocateCopyPool(SizeRequired, String); The above using of AllocateCopyPool() will cause ASSERT if 'String' is NULL. Therefore, proper check for 'String' is needed. The above using of AllocateCopyPool() will read contents out of the scope of 'String'. Potential risk for 'String' allocated at the boundary of memory region. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu Reviewed-by: Jordan Justen git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17906 6f19259b-4bc3-4df7-8a09-765794883524 --- IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) (limited to 'IntelFrameworkPkg') diff --git a/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c b/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c index 9a9503e030..2570ff4db9 100644 --- a/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c +++ b/IntelFrameworkPkg/Library/FrameworkUefiLib/UefiLibPrint.c @@ -754,10 +754,16 @@ CatVSPrint ( SizeRequired = sizeof(CHAR16) + (CharactersRequired * sizeof(CHAR16)); } - BufferToReturn = AllocateCopyPool(SizeRequired, String); + BufferToReturn = AllocatePool(SizeRequired); if (BufferToReturn == NULL) { return NULL; + } else { + BufferToReturn[0] = L'\0'; + } + + if (String != NULL) { + StrCpyS(BufferToReturn, SizeRequired, String); } UnicodeVSPrint(BufferToReturn + StrLen(BufferToReturn), (CharactersRequired+1) * sizeof(CHAR16), FormatString, Marker); -- cgit v1.2.3