@retval EFI_SUCCESS The binary data is converted to the hexadecimal string\r
and the length of the string is updated.\r
@retval EFI_BUFFER_TOO_SMALL The string is too small.\r
+ @retval EFI_BAD_BUFFER_SIZE BinLength is too large for hex encoding.\r
@retval EFI_INVALID_PARAMETER The IP string is malformatted.\r
\r
**/\r
IN OUT UINT32 *HexLength\r
)\r
{\r
- UINTN Index;\r
+ UINT32 HexLengthMin;\r
+ UINT32 HexLengthProvided;\r
+ UINT32 Index;\r
\r
if ((HexStr == NULL) || (BinBuffer == NULL) || (BinLength == 0)) {\r
return EFI_INVALID_PARAMETER;\r
}\r
\r
- if (((*HexLength) - 3) < BinLength * 2) {\r
- *HexLength = BinLength * 2 + 3;\r
+ //\r
+ // Safely calculate: HexLengthMin := BinLength * 2 + 3.\r
+ //\r
+ if (RETURN_ERROR (SafeUint32Mult (BinLength, 2, &HexLengthMin)) ||\r
+ RETURN_ERROR (SafeUint32Add (HexLengthMin, 3, &HexLengthMin))) {\r
+ return EFI_BAD_BUFFER_SIZE;\r
+ }\r
+\r
+ HexLengthProvided = *HexLength;\r
+ *HexLength = HexLengthMin;\r
+ if (HexLengthProvided < HexLengthMin) {\r
return EFI_BUFFER_TOO_SMALL;\r
}\r
\r
- *HexLength = BinLength * 2 + 3;\r
//\r
// Prefix for Hex String.\r
//\r