]>
git.proxmox.com Git - mirror_edk2.git/blob - MdePkg/Library/BaseLib/SafeString.c
7c1b0758f3e0fbb5fb8114cb0ee36002679c9e49
4 Copyright (c) 2014, Intel Corporation. All rights reserved.<BR>
5 This program and the accompanying materials
6 are licensed and made available under the terms and conditions of the BSD License
7 which accompanies this distribution. The full text of the license may be found at
8 http://opensource.org/licenses/bsd-license.php.
10 THE PROGRAM IS DISTRIBUTED UNDER THE BSD LICENSE ON AN "AS IS" BASIS,
11 WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED.
16 #include <Library/DebugLib.h>
17 #include <Library/PcdLib.h>
18 #include <Library/BaseLib.h>
20 #define RSIZE_MAX (PcdGet32 (PcdMaximumUnicodeStringLength))
22 #define ASCII_RSIZE_MAX (PcdGet32 (PcdMaximumAsciiStringLength))
24 #define SAFE_STRING_CONSTRAINT_CHECK(Expression, Status) \
26 ASSERT (Expression); \
27 if (!(Expression)) { \
33 Returns if 2 memory blocks are overlapped.
35 @param Base1 Base address of 1st memory block.
36 @param Size1 Size of 1st memory block.
37 @param Base2 Base address of 2nd memory block.
38 @param Size2 Size of 2nd memory block.
40 @retval TRUE 2 memory blocks are overlapped.
41 @retval FALSE 2 memory blocks are not overlapped.
44 InternalSafeStringIsOverlap (
51 if ((((UINTN
)Base1
>= (UINTN
)Base2
) && ((UINTN
)Base1
< (UINTN
)Base2
+ Size2
)) ||
52 (((UINTN
)Base2
>= (UINTN
)Base1
) && ((UINTN
)Base2
< (UINTN
)Base1
+ Size1
))) {
59 Returns if 2 Unicode strings are not overlapped.
61 @param Str1 Start address of 1st Unicode string.
62 @param Size1 The number of char in 1st Unicode string,
63 including terminating null char.
64 @param Str2 Start address of 2nd Unicode string.
65 @param Size2 The number of char in 2nd Unicode string,
66 including terminating null char.
68 @retval TRUE 2 Unicode strings are NOT overlapped.
69 @retval FALSE 2 Unicode strings are overlapped.
72 InternalSafeStringNoStrOverlap (
79 return !InternalSafeStringIsOverlap (Str1
, Size1
* sizeof(CHAR16
), Str2
, Size2
* sizeof(CHAR16
));
83 Returns if 2 Ascii strings are not overlapped.
85 @param Str1 Start address of 1st Ascii string.
86 @param Size1 The number of char in 1st Ascii string,
87 including terminating null char.
88 @param Str2 Start address of 2nd Ascii string.
89 @param Size2 The number of char in 2nd Ascii string,
90 including terminating null char.
92 @retval TRUE 2 Ascii strings are NOT overlapped.
93 @retval FALSE 2 Ascii strings are overlapped.
96 InternalSafeStringNoAsciiStrOverlap (
103 return !InternalSafeStringIsOverlap (Str1
, Size1
, Str2
, Size2
);
107 Returns the length of a Null-terminated Unicode string.
109 If String is not aligned on a 16-bit boundary, then ASSERT().
111 @param String A pointer to a Null-terminated Unicode string.
112 @param MaxSize The maximum number of Destination Unicode
113 char, including terminating null char.
115 @retval 0 If String is NULL.
116 @retval MaxSize If there is no null character in the first MaxSize characters of String.
117 @return The number of characters that percede the terminating null character.
123 IN CONST CHAR16
*String
,
129 ASSERT (((UINTN
) String
& BIT0
) == 0);
132 // If String is a null pointer, then the StrnLenS function returns zero.
134 if (String
== NULL
) {
139 // Otherwise, the StrnLenS function returns the number of characters that precede the
140 // terminating null character. If there is no null character in the first MaxSize characters of
141 // String then StrnLenS returns MaxSize. At most the first MaxSize characters of String shall
142 // be accessed by StrnLenS.
144 for (Length
= 0; (*String
!= 0) && (Length
< MaxSize
); String
++, Length
++) {
151 Copies the string pointed to by Source (including the terminating null char)
152 to the array pointed to by Destination.
154 If Destination is not aligned on a 16-bit boundary, then ASSERT().
155 If Source is not aligned on a 16-bit boundary, then ASSERT().
156 If an error would be returned, then the function will also ASSERT().
158 @param Destination A pointer to a Null-terminated Unicode string.
159 @param DestMax The maximum number of Destination Unicode
160 char, including terminating null char.
161 @param Source A pointer to a Null-terminated Unicode string.
163 @retval RETURN_SUCCESS String is copied.
164 @retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than StrLen(Source).
165 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
167 If PcdMaximumUnicodeStringLength is not zero,
168 and DestMax is greater than
169 PcdMaximumUnicodeStringLength.
171 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
176 OUT CHAR16
*Destination
,
178 IN CONST CHAR16
*Source
183 ASSERT (((UINTN
) Destination
& BIT0
) == 0);
184 ASSERT (((UINTN
) Source
& BIT0
) == 0);
187 // 1. Neither Destination nor Source shall be a null pointer.
189 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
190 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
193 // 2. DestMax shall not be greater than RSIZE_MAX.
195 if (RSIZE_MAX
!= 0) {
196 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
200 // 3. DestMax shall not equal zero.
202 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
205 // 4. DestMax shall be greater than StrnLenS(Source, DestMax).
207 SourceLen
= StrnLenS (Source
, DestMax
);
208 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
211 // 5. Copying shall not take place between objects that overlap.
213 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoStrOverlap (Destination
, DestMax
, (CHAR16
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
216 // The StrCpyS function copies the string pointed to by Source (including the terminating
217 // null character) into the array pointed to by Destination.
219 while (*Source
!= 0) {
220 *(Destination
++) = *(Source
++);
224 return RETURN_SUCCESS
;
228 Copies not more than Length successive char from the string pointed to by
229 Source to the array pointed to by Destination. If no null char is copied from
230 Source, then Destination[Length] is always set to null.
232 If Length > 0 and Destination is not aligned on a 16-bit boundary, then ASSERT().
233 If Length > 0 and Source is not aligned on a 16-bit boundary, then ASSERT().
234 If an error would be returned, then the function will also ASSERT().
236 @param Destination A pointer to a Null-terminated Unicode string.
237 @param DestMax The maximum number of Destination Unicode
238 char, including terminating null char.
239 @param Source A pointer to a Null-terminated Unicode string.
240 @param Length The maximum number of Unicode characters to copy.
242 @retval RETURN_SUCCESS String is copied.
243 @retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than
244 MIN(StrLen(Source), Length).
245 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
247 If PcdMaximumUnicodeStringLength is not zero,
248 and DestMax is greater than
249 PcdMaximumUnicodeStringLength.
251 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
256 OUT CHAR16
*Destination
,
258 IN CONST CHAR16
*Source
,
264 ASSERT (((UINTN
) Destination
& BIT0
) == 0);
265 ASSERT (((UINTN
) Source
& BIT0
) == 0);
268 // 1. Neither Destination nor Source shall be a null pointer.
270 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
271 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
274 // 2. Neither DestMax nor Length shall be greater than RSIZE_MAX
276 if (RSIZE_MAX
!= 0) {
277 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
278 SAFE_STRING_CONSTRAINT_CHECK ((Length
<= RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
282 // 3. DestMax shall not equal zero.
284 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
287 // 4. If Length is not less than DestMax, then DestMax shall be greater than StrnLenS(Source, DestMax).
289 SourceLen
= StrnLenS (Source
, DestMax
);
290 if (Length
>= DestMax
) {
291 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
295 // 5. Copying shall not take place between objects that overlap.
297 if (SourceLen
> Length
) {
300 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoStrOverlap (Destination
, DestMax
, (CHAR16
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
303 // The StrnCpyS function copies not more than Length successive characters (characters that
304 // follow a null character are not copied) from the array pointed to by Source to the array
305 // pointed to by Destination. If no null character was copied from Source, then Destination[Length] is set to a null
308 while ((*Source
!= 0) && (SourceLen
> 0)) {
309 *(Destination
++) = *(Source
++);
314 return RETURN_SUCCESS
;
318 Appends a copy of the string pointed to by Source (including the terminating
319 null char) to the end of the string pointed to by Destination.
321 If Destination is not aligned on a 16-bit boundary, then ASSERT().
322 If Source is not aligned on a 16-bit boundary, then ASSERT().
323 If an error would be returned, then the function will also ASSERT().
325 @param Destination A pointer to a Null-terminated Unicode string.
326 @param DestMax The maximum number of Destination Unicode
327 char, including terminating null char.
328 @param Source A pointer to a Null-terminated Unicode string.
330 @retval RETURN_SUCCESS String is appended.
331 @retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than
333 @retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT
334 greater than StrLen(Source).
335 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
337 If PcdMaximumUnicodeStringLength is not zero,
338 and DestMax is greater than
339 PcdMaximumUnicodeStringLength.
341 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
346 IN OUT CHAR16
*Destination
,
348 IN CONST CHAR16
*Source
355 ASSERT (((UINTN
) Destination
& BIT0
) == 0);
356 ASSERT (((UINTN
) Source
& BIT0
) == 0);
359 // Let CopyLen denote the value DestMax - StrnLenS(Destination, DestMax) upon entry to StrCatS.
361 DestLen
= StrnLenS (Destination
, DestMax
);
362 CopyLen
= DestMax
- DestLen
;
365 // 1. Neither Destination nor Source shall be a null pointer.
367 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
368 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
371 // 2. DestMax shall not be greater than RSIZE_MAX.
373 if (RSIZE_MAX
!= 0) {
374 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
378 // 3. DestMax shall not equal zero.
380 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
383 // 4. CopyLen shall not equal zero.
385 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
!= 0), RETURN_BAD_BUFFER_SIZE
);
388 // 5. CopyLen shall be greater than StrnLenS(Source, CopyLen).
390 SourceLen
= StrnLenS (Source
, CopyLen
);
391 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
394 // 6. Copying shall not take place between objects that overlap.
396 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoStrOverlap (Destination
, DestMax
, (CHAR16
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
399 // The StrCatS function appends a copy of the string pointed to by Source (including the
400 // terminating null character) to the end of the string pointed to by Destination. The initial character
401 // from Source overwrites the null character at the end of Destination.
403 Destination
= Destination
+ DestLen
;
404 while (*Source
!= 0) {
405 *(Destination
++) = *(Source
++);
409 return RETURN_SUCCESS
;
413 Appends not more than Length successive char from the string pointed to by
414 Source to the end of the string pointed to by Destination. If no null char is
415 copied from Source, then Destination[StrLen(Destination) + Length] is always
418 If Destination is not aligned on a 16-bit boundary, then ASSERT().
419 If Source is not aligned on a 16-bit boundary, then ASSERT().
420 If an error would be returned, then the function will also ASSERT().
422 @param Destination A pointer to a Null-terminated Unicode string.
423 @param DestMax The maximum number of Destination Unicode
424 char, including terminating null char.
425 @param Source A pointer to a Null-terminated Unicode string.
426 @param Length The maximum number of Unicode characters to copy.
428 @retval RETURN_SUCCESS String is appended.
429 @retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than
431 @retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT
432 greater than MIN(StrLen(Source), Length).
433 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
435 If PcdMaximumUnicodeStringLength is not zero,
436 and DestMax is greater than
437 PcdMaximumUnicodeStringLength.
439 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
444 IN OUT CHAR16
*Destination
,
446 IN CONST CHAR16
*Source
,
454 ASSERT (((UINTN
) Destination
& BIT0
) == 0);
455 ASSERT (((UINTN
) Source
& BIT0
) == 0);
458 // Let CopyLen denote the value DestMax - StrnLenS(Destination, DestMax) upon entry to StrnCatS.
460 DestLen
= StrnLenS (Destination
, DestMax
);
461 CopyLen
= DestMax
- DestLen
;
464 // 1. Neither Destination nor Source shall be a null pointer.
466 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
467 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
470 // 2. Neither DestMax nor Length shall be greater than RSIZE_MAX.
472 if (RSIZE_MAX
!= 0) {
473 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
474 SAFE_STRING_CONSTRAINT_CHECK ((Length
<= RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
478 // 3. DestMax shall not equal zero.
480 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
483 // 4. CopyLen shall not equal zero.
485 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
!= 0), RETURN_BAD_BUFFER_SIZE
);
488 // 5. If Length is not less than CopyLen, then CopyLen shall be greater than StrnLenS(Source, CopyLen).
490 SourceLen
= StrnLenS (Source
, CopyLen
);
491 if (Length
>= CopyLen
) {
492 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
496 // 6. Copying shall not take place between objects that overlap.
498 if (SourceLen
> Length
) {
501 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoStrOverlap (Destination
, DestMax
, (CHAR16
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
504 // The StrnCatS function appends not more than Length successive characters (characters
505 // that follow a null character are not copied) from the array pointed to by Source to the end of
506 // the string pointed to by Destination. The initial character from Source overwrites the null character at
507 // the end of Destination. If no null character was copied from Source, then Destination[DestMax-CopyLen+Length] is set to
510 Destination
= Destination
+ DestLen
;
511 while ((*Source
!= 0) && (SourceLen
> 0)) {
512 *(Destination
++) = *(Source
++);
517 return RETURN_SUCCESS
;
521 Returns the length of a Null-terminated Ascii string.
523 @param String A pointer to a Null-terminated Ascii string.
524 @param MaxSize The maximum number of Destination Ascii
525 char, including terminating null char.
527 @retval 0 If String is NULL.
528 @retval MaxSize If there is no null character in the first MaxSize characters of String.
529 @return The number of characters that percede the terminating null character.
535 IN CONST CHAR8
*String
,
542 // If String is a null pointer, then the AsciiStrnLenS function returns zero.
544 if (String
== NULL
) {
549 // Otherwise, the AsciiStrnLenS function returns the number of characters that precede the
550 // terminating null character. If there is no null character in the first MaxSize characters of
551 // String then AsciiStrnLenS returns MaxSize. At most the first MaxSize characters of String shall
552 // be accessed by AsciiStrnLenS.
554 for (Length
= 0; (*String
!= 0) && (Length
< MaxSize
); String
++, Length
++) {
561 Copies the string pointed to by Source (including the terminating null char)
562 to the array pointed to by Destination.
564 If an error would be returned, then the function will also ASSERT().
566 @param Destination A pointer to a Null-terminated Ascii string.
567 @param DestMax The maximum number of Destination Ascii
568 char, including terminating null char.
569 @param Source A pointer to a Null-terminated Ascii string.
571 @retval RETURN_SUCCESS String is copied.
572 @retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than StrLen(Source).
573 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
575 If PcdMaximumAsciiStringLength is not zero,
576 and DestMax is greater than
577 PcdMaximumAsciiStringLength.
579 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
584 OUT CHAR8
*Destination
,
586 IN CONST CHAR8
*Source
592 // 1. Neither Destination nor Source shall be a null pointer.
594 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
595 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
598 // 2. DestMax shall not be greater than ASCII_RSIZE_MAX.
600 if (ASCII_RSIZE_MAX
!= 0) {
601 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= ASCII_RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
605 // 3. DestMax shall not equal zero.
607 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
610 // 4. DestMax shall be greater than AsciiStrnLenS(Source, DestMax).
612 SourceLen
= AsciiStrnLenS (Source
, DestMax
);
613 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
616 // 5. Copying shall not take place between objects that overlap.
618 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoAsciiStrOverlap (Destination
, DestMax
, (CHAR8
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
621 // The AsciiStrCpyS function copies the string pointed to by Source (including the terminating
622 // null character) into the array pointed to by Destination.
624 while (*Source
!= 0) {
625 *(Destination
++) = *(Source
++);
629 return RETURN_SUCCESS
;
633 Copies not more than Length successive char from the string pointed to by
634 Source to the array pointed to by Destination. If no null char is copied from
635 Source, then Destination[Length] is always set to null.
637 If an error would be returned, then the function will also ASSERT().
639 @param Destination A pointer to a Null-terminated Ascii string.
640 @param DestMax The maximum number of Destination Ascii
641 char, including terminating null char.
642 @param Source A pointer to a Null-terminated Ascii string.
643 @param Length The maximum number of Ascii characters to copy.
645 @retval RETURN_SUCCESS String is copied.
646 @retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than
647 MIN(StrLen(Source), Length).
648 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
650 If PcdMaximumAsciiStringLength is not zero,
651 and DestMax is greater than
652 PcdMaximumAsciiStringLength.
654 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
659 OUT CHAR8
*Destination
,
661 IN CONST CHAR8
*Source
,
668 // 1. Neither Destination nor Source shall be a null pointer.
670 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
671 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
674 // 2. Neither DestMax nor Length shall be greater than ASCII_RSIZE_MAX
676 if (ASCII_RSIZE_MAX
!= 0) {
677 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= ASCII_RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
678 SAFE_STRING_CONSTRAINT_CHECK ((Length
<= ASCII_RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
682 // 3. DestMax shall not equal zero.
684 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
687 // 4. If Length is not less than DestMax, then DestMax shall be greater than AsciiStrnLenS(Source, DestMax).
689 SourceLen
= AsciiStrnLenS (Source
, DestMax
);
690 if (Length
>= DestMax
) {
691 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
695 // 5. Copying shall not take place between objects that overlap.
697 if (SourceLen
> Length
) {
700 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoAsciiStrOverlap (Destination
, DestMax
, (CHAR8
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
703 // The AsciiStrnCpyS function copies not more than Length successive characters (characters that
704 // follow a null character are not copied) from the array pointed to by Source to the array
705 // pointed to by Destination. If no null character was copied from Source, then Destination[Length] is set to a null
708 while ((*Source
!= 0) && (SourceLen
> 0)) {
709 *(Destination
++) = *(Source
++);
714 return RETURN_SUCCESS
;
718 Appends a copy of the string pointed to by Source (including the terminating
719 null char) to the end of the string pointed to by Destination.
721 If an error would be returned, then the function will also ASSERT().
723 @param Destination A pointer to a Null-terminated Ascii string.
724 @param DestMax The maximum number of Destination Ascii
725 char, including terminating null char.
726 @param Source A pointer to a Null-terminated Ascii string.
728 @retval RETURN_SUCCESS String is appended.
729 @retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than
731 @retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT
732 greater than StrLen(Source).
733 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
735 If PcdMaximumAsciiStringLength is not zero,
736 and DestMax is greater than
737 PcdMaximumAsciiStringLength.
739 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
744 IN OUT CHAR8
*Destination
,
746 IN CONST CHAR8
*Source
754 // Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrCatS.
756 DestLen
= AsciiStrnLenS (Destination
, DestMax
);
757 CopyLen
= DestMax
- DestLen
;
760 // 1. Neither Destination nor Source shall be a null pointer.
762 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
763 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
766 // 2. DestMax shall not be greater than ASCII_RSIZE_MAX.
768 if (ASCII_RSIZE_MAX
!= 0) {
769 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= ASCII_RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
773 // 3. DestMax shall not equal zero.
775 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
778 // 4. CopyLen shall not equal zero.
780 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
!= 0), RETURN_BAD_BUFFER_SIZE
);
783 // 5. CopyLen shall be greater than AsciiStrnLenS(Source, CopyLen).
785 SourceLen
= AsciiStrnLenS (Source
, CopyLen
);
786 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
789 // 6. Copying shall not take place between objects that overlap.
791 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoAsciiStrOverlap (Destination
, DestMax
, (CHAR8
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
794 // The AsciiStrCatS function appends a copy of the string pointed to by Source (including the
795 // terminating null character) to the end of the string pointed to by Destination. The initial character
796 // from Source overwrites the null character at the end of Destination.
798 Destination
= Destination
+ DestLen
;
799 while (*Source
!= 0) {
800 *(Destination
++) = *(Source
++);
804 return RETURN_SUCCESS
;
808 Appends not more than Length successive char from the string pointed to by
809 Source to the end of the string pointed to by Destination. If no null char is
810 copied from Source, then Destination[StrLen(Destination) + Length] is always
813 If an error would be returned, then the function will also ASSERT().
815 @param Destination A pointer to a Null-terminated Ascii string.
816 @param DestMax The maximum number of Destination Ascii
817 char, including terminating null char.
818 @param Source A pointer to a Null-terminated Ascii string.
819 @param Length The maximum number of Ascii characters to copy.
821 @retval RETURN_SUCCESS String is appended.
822 @retval RETURN_BAD_BUFFER_SIZE If DestMax is NOT greater than
824 @retval RETURN_BUFFER_TOO_SMALL If (DestMax - StrLen(Destination)) is NOT
825 greater than MIN(StrLen(Source), Length).
826 @retval RETURN_INVALID_PARAMETER If Destination is NULL.
828 If PcdMaximumAsciiStringLength is not zero,
829 and DestMax is greater than
830 PcdMaximumAsciiStringLength.
832 @retval RETURN_ACCESS_DENIED If Source and Destination overlap.
837 IN OUT CHAR8
*Destination
,
839 IN CONST CHAR8
*Source
,
848 // Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrnCatS.
850 DestLen
= AsciiStrnLenS (Destination
, DestMax
);
851 CopyLen
= DestMax
- DestLen
;
854 // 1. Neither Destination nor Source shall be a null pointer.
856 SAFE_STRING_CONSTRAINT_CHECK ((Destination
!= NULL
), RETURN_INVALID_PARAMETER
);
857 SAFE_STRING_CONSTRAINT_CHECK ((Source
!= NULL
), RETURN_INVALID_PARAMETER
);
860 // 2. Neither DestMax nor Length shall be greater than ASCII_RSIZE_MAX.
862 if (ASCII_RSIZE_MAX
!= 0) {
863 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
<= ASCII_RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
864 SAFE_STRING_CONSTRAINT_CHECK ((Length
<= ASCII_RSIZE_MAX
), RETURN_INVALID_PARAMETER
);
868 // 3. DestMax shall not equal zero.
870 SAFE_STRING_CONSTRAINT_CHECK ((DestMax
!= 0), RETURN_INVALID_PARAMETER
);
873 // 4. CopyLen shall not equal zero.
875 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
!= 0), RETURN_BAD_BUFFER_SIZE
);
878 // 5. If Length is not less than CopyLen, then CopyLen shall be greater than AsciiStrnLenS(Source, CopyLen).
880 SourceLen
= AsciiStrnLenS (Source
, CopyLen
);
881 if (Length
>= CopyLen
) {
882 SAFE_STRING_CONSTRAINT_CHECK ((CopyLen
> SourceLen
), RETURN_BUFFER_TOO_SMALL
);
886 // 6. Copying shall not take place between objects that overlap.
888 if (SourceLen
> Length
) {
891 SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoAsciiStrOverlap (Destination
, DestMax
, (CHAR8
*)Source
, SourceLen
+ 1), RETURN_ACCESS_DENIED
);
894 // The AsciiStrnCatS function appends not more than Length successive characters (characters
895 // that follow a null character are not copied) from the array pointed to by Source to the end of
896 // the string pointed to by Destination. The initial character from Source overwrites the null character at
897 // the end of Destination. If no null character was copied from Source, then Destination[DestMax-CopyLen+Length] is set to
900 Destination
= Destination
+ DestLen
;
901 while ((*Source
!= 0) && (SourceLen
> 0)) {
902 *(Destination
++) = *(Source
++);
907 return RETURN_SUCCESS
;