/** @file\r
Print Library internal worker functions.\r
\r
- Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR>\r
+ Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.<BR>\r
This program and the accompanying materials\r
are licensed and made available under the terms and conditions of the BSD License\r
which accompanies this distribution. The full text of the license may be found at\r
#define WARNING_STATUS_NUMBER 5\r
#define ERROR_STATUS_NUMBER 33\r
\r
+//\r
+// Safe print checks\r
+//\r
+#define RSIZE_MAX (PcdGet32 (PcdMaximumUnicodeStringLength))\r
+#define ASCII_RSIZE_MAX (PcdGet32 (PcdMaximumAsciiStringLength))\r
+\r
+#define SAFE_PRINT_CONSTRAINT_CHECK(Expression, RetVal) \\r
+ do { \\r
+ ASSERT (Expression); \\r
+ if (!(Expression)) { \\r
+ return RetVal; \\r
+ } \\r
+ } while (FALSE)\r
+\r
GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 mHexStr[] = {'0','1','2','3','4','5','6','7','8','9','A','B','C','D','E','F'};\r
\r
GLOBAL_REMOVE_IF_UNREFERENCED CONST CHAR8 * CONST mStatusString[] = {\r
// DxePrintLibPrint2Protocol (both PrintLib instances).\r
//\r
\r
+ //\r
+ // 1. Buffer shall not be a null pointer when both BufferSize > 0 and\r
+ // COUNT_ONLY_NO_PRINT is not set in Flags.\r
+ //\r
+ if ((BufferSize > 0) && ((Flags & COUNT_ONLY_NO_PRINT) == 0)) {\r
+ SAFE_PRINT_CONSTRAINT_CHECK ((Buffer != NULL), 0);\r
+ }\r
+\r
+ //\r
+ // 2. Format shall not be a null pointer when BufferSize > 0 or when\r
+ // COUNT_ONLY_NO_PRINT is set in Flags.\r
+ //\r
+ if ((BufferSize > 0) || ((Flags & COUNT_ONLY_NO_PRINT) != 0)) {\r
+ SAFE_PRINT_CONSTRAINT_CHECK ((Format != NULL), 0);\r
+ }\r
+\r
+ //\r
+ // 3. BufferSize shall not be greater than RSIZE_MAX for Unicode output or\r
+ // ASCII_RSIZE_MAX for Ascii output.\r
+ //\r
+ if ((Flags & OUTPUT_UNICODE) != 0) {\r
+ if (RSIZE_MAX != 0) {\r
+ SAFE_PRINT_CONSTRAINT_CHECK ((BufferSize <= RSIZE_MAX), 0);\r
+ }\r
+ BytesPerOutputCharacter = 2;\r
+ } else {\r
+ if (ASCII_RSIZE_MAX != 0) {\r
+ SAFE_PRINT_CONSTRAINT_CHECK ((BufferSize <= ASCII_RSIZE_MAX), 0);\r
+ }\r
+ BytesPerOutputCharacter = 1;\r
+ }\r
+\r
+ //\r
+ // 4. Format shall not contain more than RSIZE_MAX Unicode characters or\r
+ // ASCII_RSIZE_MAX Ascii characters.\r
+ //\r
+ if ((Flags & FORMAT_UNICODE) != 0) {\r
+ if (RSIZE_MAX != 0) {\r
+ SAFE_PRINT_CONSTRAINT_CHECK ((StrnLenS ((CHAR16 *)Format, RSIZE_MAX + 1) <= RSIZE_MAX), 0);\r
+ }\r
+ BytesPerFormatCharacter = 2;\r
+ FormatMask = 0xffff;\r
+ } else {\r
+ if (ASCII_RSIZE_MAX != 0) {\r
+ SAFE_PRINT_CONSTRAINT_CHECK ((AsciiStrnLenS (Format, ASCII_RSIZE_MAX + 1) <= ASCII_RSIZE_MAX), 0);\r
+ }\r
+ BytesPerFormatCharacter = 1;\r
+ FormatMask = 0xff;\r
+ }\r
+\r
if ((Flags & COUNT_ONLY_NO_PRINT) != 0) {\r
if (BufferSize == 0) {\r
Buffer = NULL;\r
if (BufferSize == 0) {\r
return 0;\r
}\r
- ASSERT (Buffer != NULL);\r
- }\r
-\r
- if ((Flags & OUTPUT_UNICODE) != 0) {\r
- BytesPerOutputCharacter = 2;\r
- } else {\r
- BytesPerOutputCharacter = 1;\r
}\r
\r
LengthToReturn = 0;\r
EndBuffer = Buffer + BufferSize * BytesPerOutputCharacter;\r
}\r
\r
- if ((Flags & FORMAT_UNICODE) != 0) {\r
- //\r
- // Make sure format string cannot contain more than PcdMaximumUnicodeStringLength\r
- // Unicode characters if PcdMaximumUnicodeStringLength is not zero. \r
- //\r
- ASSERT (StrSize ((CHAR16 *) Format) != 0);\r
- BytesPerFormatCharacter = 2;\r
- FormatMask = 0xffff;\r
- } else {\r
- //\r
- // Make sure format string cannot contain more than PcdMaximumAsciiStringLength\r
- // Ascii characters if PcdMaximumAsciiStringLength is not zero. \r
- //\r
- ASSERT (AsciiStrSize (Format) != 0);\r
- BytesPerFormatCharacter = 1;\r
- FormatMask = 0xff;\r
- }\r
-\r
//\r
// Get the first character from the format string\r
//\r
// Null terminate the Unicode or ASCII string\r
//\r
BasePrintLibFillBuffer (Buffer, EndBuffer + BytesPerOutputCharacter, 1, 0, BytesPerOutputCharacter);\r
- //\r
- // Make sure output buffer cannot contain more than PcdMaximumUnicodeStringLength\r
- // Unicode characters if PcdMaximumUnicodeStringLength is not zero. \r
- //\r
- ASSERT ((((Flags & OUTPUT_UNICODE) == 0)) || (StrSize ((CHAR16 *) OriginalBuffer) != 0));\r
- //\r
- // Make sure output buffer cannot contain more than PcdMaximumAsciiStringLength\r
- // ASCII characters if PcdMaximumAsciiStringLength is not zero. \r
- //\r
- ASSERT ((((Flags & OUTPUT_UNICODE) != 0)) || (AsciiStrSize (OriginalBuffer) != 0));\r
\r
return ((Buffer - OriginalBuffer) / BytesPerOutputCharacter);\r
}\r
projects / mirror_edk2.git / blobdiff