This commit will resolve the issue brought by r17738.
String = AllocateCopyPool (BufferLen, L"MAC:");
The above using of AllocateCopyPool() will read contents out of the scope
of the constant string. Potential risk for the constant string allocated
at the boundary of memory region.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jeff Fan <jeff.fan@intel.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17933
6f19259b-4bc3-4df7-8a09-
765794883524
// The size is the Number size + ":" size + Vlan size(\XXXX) + End\r
//\r
BufferLen = (4 + 2 * HwAddressSize + (HwAddressSize - 1) + 5 + 1) * sizeof (CHAR16);\r
- String = AllocateCopyPool (BufferLen, L"MAC:");\r
+ String = AllocateZeroPool (BufferLen);\r
if (String == NULL) {\r
return FALSE;\r
}\r
\r
*PBuffer = String;\r
+ StrCpyS (String, BufferLen / sizeof (CHAR16), L"MAC:");\r
String += 4;\r
\r
//\r