MdePkg: ensure SafeString length functions don't access beyond MaxSize
authorLeif Lindholm <leif.lindholm@linaro.org>
Mon, 13 Jul 2015 11:35:28 +0000 (11:35 +0000)
committerlgao4 <lgao4@Edk2>
Mon, 13 Jul 2015 11:35:28 +0000 (11:35 +0000)
commit2ad9cf37a492e69a4e1b7624d92d9a35fce083fc
treea773d20c02e7d9825d2133dec98fc147d9558230
parent6bc4e42f9d043bcda03f03a74e6dec0aa5c0ead1
MdePkg: ensure SafeString length functions don't access beyond MaxSize

The StrnLenS and AsciiStrnLenS functions, when presented with a string
with no terminating NULL in the first MaxSize characters will check
the character at String[MaxSize] before checking if Length < MaxSize.
(They return the correct value, but have accessed beyond the stated
limit in the process.)

Flip the order of the tests to prevent this behaviour.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Leif Lindholm <leif.lindholm@linaro.org>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17936 6f19259b-4bc3-4df7-8a09-765794883524
MdePkg/Library/BaseLib/SafeString.c