/** @file\r
-This file contains functions required to generate a boot strap file (BSF) also \r
+This file contains functions required to generate a boot strap file (BSF) also\r
known as the Volume Top File (VTF)\r
\r
-Copyright (c) 1999 - 2016, Intel Corporation. All rights reserved.<BR>\r
-This program and the accompanying materials are licensed and made available \r
-under the terms and conditions of the BSD License which accompanies this \r
+Copyright (c) 1999 - 2018, Intel Corporation. All rights reserved.<BR>\r
+This program and the accompanying materials are licensed and made available\r
+under the terms and conditions of the BSD License which accompanies this\r
distribution. The full text of the license may be found at\r
http://opensource.org/licenses/bsd-license.php\r
\r
} else {\r
Length = strlen(Str);\r
if (Length < 4) {\r
- strncpy (TemStr + 4 - Length, Str, Length);\r
+ memcpy (TemStr + 4 - Length, Str, Length);\r
} else {\r
- strncpy (TemStr, Str + Length - 4, 4);\r
+ memcpy (TemStr, Str + Length - 4, 4);\r
}\r
- \r
+\r
sscanf (\r
TemStr,\r
"%02x%02x",\r
}\r
} else if (strnicmp (*TokenStr, "COMP_BIN", 8) == 0) {\r
TokenStr++;\r
- strcpy (VtfInfo->CompBinName, *TokenStr);\r
+ if (strlen (*TokenStr) >= FILE_NAME_SIZE) {\r
+ Error (NULL, 0, 3000, "Invalid", "The 'COMP_BIN' name is too long.");\r
+ return ;\r
+ }\r
+ strncpy (VtfInfo->CompBinName, *TokenStr, FILE_NAME_SIZE - 1);\r
+ VtfInfo->CompBinName[FILE_NAME_SIZE - 1] = 0;\r
} else if (strnicmp (*TokenStr, "COMP_SYM", 8) == 0) {\r
TokenStr++;\r
- strcpy (VtfInfo->CompSymName, *TokenStr);\r
+ if (strlen (*TokenStr) >= FILE_NAME_SIZE) {\r
+ Error (NULL, 0, 3000, "Invalid", "The 'COMP_SYM' name is too long.");\r
+ return ;\r
+ }\r
+ strncpy (VtfInfo->CompSymName, *TokenStr, FILE_NAME_SIZE - 1);\r
+ VtfInfo->CompSymName[FILE_NAME_SIZE - 1] = 0;\r
} else if (strnicmp (*TokenStr, "COMP_SIZE", 9) == 0) {\r
TokenStr++;\r
if (strnicmp (*TokenStr, "-", 1) == 0) {\r
if (SectionOptionFlag) {\r
if (stricmp (*TokenStr, "IA32_RST_BIN") == 0) {\r
TokenStr++;\r
- strcpy (IA32BinFile, *TokenStr);\r
+ if (strlen (*TokenStr) >= FILE_NAME_SIZE) {\r
+ Error (NULL, 0, 3000, "Invalid", "The 'IA32_RST_BIN' name is too long.");\r
+ break;\r
+ }\r
+ strncpy (IA32BinFile, *TokenStr, FILE_NAME_SIZE - 1);\r
+ IA32BinFile[FILE_NAME_SIZE - 1] = 0;\r
}\r
}\r
\r
if (SectionCompFlag) {\r
if (stricmp (*TokenStr, "COMP_NAME") == 0) {\r
TokenStr++;\r
- strcpy (FileListPtr->CompName, *TokenStr);\r
+ if (strlen (*TokenStr) >= COMPONENT_NAME_SIZE) {\r
+ Error (NULL, 0, 3000, "Invalid", "The 'COMP_NAME' name is too long.");\r
+ break;\r
+ }\r
+ strncpy (FileListPtr->CompName, *TokenStr, COMPONENT_NAME_SIZE - 1);\r
+ FileListPtr->CompName[COMPONENT_NAME_SIZE - 1] = 0;\r
TokenStr++;\r
ParseAndUpdateComponents (FileListPtr);\r
}\r
Returns:\r
\r
EFI_INVALID_PARAMETER - The parameter is invalid\r
- EFI_OUT_OF_RESOURCES - Resource can not be allocated\r
EFI_SUCCESS - The function completed successfully\r
\r
--*/\r
CHAR8 Buff4[10];\r
CHAR8 Buff5[10];\r
CHAR8 Token[50];\r
- CHAR8 *FormatString;\r
- INTN FormatLength;\r
+ CHAR8 FormatString[MAX_LINE_LEN];\r
\r
Fp = fopen (LongFilePath (VtfInfo->CompSymName), "rb");\r
\r
//\r
// Generate the format string for fscanf\r
//\r
- FormatLength = snprintf (\r
- NULL,\r
- 0,\r
- "%%%us %%%us %%%us %%%us %%%us %%%us %%%us",\r
- (unsigned) sizeof (Buff1) - 1,\r
- (unsigned) sizeof (Buff2) - 1,\r
- (unsigned) sizeof (OffsetStr) - 1,\r
- (unsigned) sizeof (Buff3) - 1,\r
- (unsigned) sizeof (Buff4) - 1,\r
- (unsigned) sizeof (Buff5) - 1,\r
- (unsigned) sizeof (Token) - 1\r
- ) + 1;\r
-\r
- FormatString = (CHAR8 *) malloc (FormatLength);\r
- if (FormatString == NULL) {\r
- fclose (Fp);\r
-\r
- Error (NULL, 0, 4001, "Resource", "memory cannot be allocated!");\r
- return EFI_OUT_OF_RESOURCES;\r
- }\r
-\r
- snprintf (\r
+ sprintf (\r
FormatString,\r
- FormatLength,\r
"%%%us %%%us %%%us %%%us %%%us %%%us %%%us",\r
(unsigned) sizeof (Buff1) - 1,\r
(unsigned) sizeof (Buff2) - 1,\r
\r
memcpy ((VOID *) RelativeAddress, (VOID *) CompStartAddress, sizeof (UINT64));\r
\r
- if (FormatString != NULL) {\r
- free (FormatString);\r
- }\r
-\r
if (Fp != NULL) {\r
fclose (Fp);\r
}\r
CHAR8 Section[MAX_LONG_FILE_PATH];\r
CHAR8 Token[MAX_LONG_FILE_PATH];\r
CHAR8 BaseToken[MAX_LONG_FILE_PATH];\r
- CHAR8 *FormatString;\r
- INTN FormatLength;\r
+ CHAR8 FormatString[MAX_LINE_LEN];\r
UINT64 TokenAddress;\r
long StartLocation;\r
\r
//\r
// Use the file name minus extension as the base for tokens\r
//\r
- strcpy (BaseToken, SourceFileName);\r
+ if (strlen (SourceFileName) >= MAX_LONG_FILE_PATH) {\r
+ fclose (SourceFile);\r
+ Error (NULL, 0, 2000, "Invalid parameter", "The source file name is too long.");\r
+ return EFI_ABORTED;\r
+ }\r
+ strncpy (BaseToken, SourceFileName, MAX_LONG_FILE_PATH - 1);\r
+ BaseToken[MAX_LONG_FILE_PATH - 1] = 0;\r
strtok (BaseToken, ". \t\n");\r
- strcat (BaseToken, "__");\r
+ if (strlen (BaseToken) + strlen ("__") >= MAX_LONG_FILE_PATH) {\r
+ fclose (SourceFile);\r
+ Error (NULL, 0, 2000, "Invalid parameter", "The source file name is too long.");\r
+ return EFI_ABORTED;\r
+ }\r
+ strncat (BaseToken, "__", MAX_LONG_FILE_PATH - strlen (BaseToken) - 1);\r
\r
//\r
// Open the destination file\r
//\r
// Generate the format string for fscanf\r
//\r
- FormatLength = snprintf (\r
- NULL,\r
- 0,\r
- "%%%us | %%%us | %%%us | %%%us\n",\r
- (unsigned) sizeof (Type) - 1,\r
- (unsigned) sizeof (Address) - 1,\r
- (unsigned) sizeof (Section) - 1,\r
- (unsigned) sizeof (Token) - 1\r
- ) + 1;\r
-\r
- FormatString = (CHAR8 *) malloc (FormatLength);\r
- if (FormatString == NULL) {\r
- fclose (SourceFile);\r
- fclose (DestFile);\r
- Error (NULL, 0, 4001, "Resource", "memory cannot be allocated!");\r
- return EFI_ABORTED;\r
- }\r
-\r
- snprintf (\r
+ sprintf (\r
FormatString,\r
- FormatLength,\r
"%%%us | %%%us | %%%us | %%%us\n",\r
(unsigned) sizeof (Type) - 1,\r
(unsigned) sizeof (Address) - 1,\r
TokenAddress += BaseAddress &~IPF_CACHE_BIT;\r
\r
fprintf (DestFile, "%s | %016llX | ", Type, (unsigned long long) TokenAddress);\r
- fprintf (DestFile, "%s | %s\n %s\n", Section, Token, BaseToken); \r
+ fprintf (DestFile, "%s | %s\n %s\n", Section, Token, BaseToken);\r
}\r
}\r
\r
- free (FormatString);\r
fclose (SourceFile);\r
fclose (DestFile);\r
return EFI_SUCCESS;\r
//\r
// Copyright declaration\r
//\r
- fprintf (stdout, "Copyright (c) 2007 - 2014, Intel Corporation. All rights reserved.\n\n");\r
+ fprintf (stdout, "Copyright (c) 2007 - 2018, Intel Corporation. All rights reserved.\n\n");\r
//\r
// Details Option\r
//\r
}\r
continue;\r
}\r
- \r
+\r
if ((stricmp (argv[Index], "-r") == 0) || (stricmp (argv[Index], "--baseaddr") == 0)) {\r
if (FirstRoundB) {\r
Status = AsciiStringToUint64 (argv[Index + 1], FALSE, &StartAddress1);\r
if (Status != EFI_SUCCESS) {\r
Error (NULL, 0, 2000, "Invalid option value", "%s is Bad FV start address.", argv[Index + 1]);\r
goto ERROR;\r
- } \r
+ }\r
continue;\r
}\r
\r
FirstRoundS = FALSE;\r
} else {\r
Status = AsciiStringToUint64 (argv[Index + 1], FALSE, &FwVolSize2);\r
- SecondVTF = TRUE;\r
+ SecondVTF = TRUE;\r
}\r
\r
if (Status != EFI_SUCCESS) {\r
}\r
\r
if ((stricmp (argv[Index], "-v") == 0) || (stricmp (argv[Index], "--verbose") == 0)) {\r
- VerboseMode = TRUE;\r
- Index--;\r
+ VerboseMode = TRUE;\r
+ Index--;\r
continue;\r
}\r
\r
if (SecondVTF == TRUE) {\r
OutFileName1 = VTF_OUTPUT_FILE1;\r
OutFileName2 = VTF_OUTPUT_FILE2;\r
- } else {\r
+ } else {\r
OutFileName1 = VTF_OUTPUT_FILE1;\r
}\r
SymFileName = VTF_SYM_FILE;\r
} else {\r
- assert (OutFileName1);\r
- INTN OutFileNameLen = strlen(OutFileName1);\r
+ INTN OutFileNameLen;\r
INTN NewIndex;\r
\r
+ assert (OutFileName1);\r
+ OutFileNameLen = strlen(OutFileName1);\r
+\r
for (NewIndex = OutFileNameLen; NewIndex > 0; --NewIndex) {\r
if (OutFileName1[NewIndex] == '/' || OutFileName1[NewIndex] == '\\') {\r
break;\r