ArmPlatformPkg/Bds: Correct copy of an unaligned Unicode string

When a Unicode string is not stored in a 2-byte aligned memory area,
the StrnCpy() or StrCpy() functions can not be used to copy the string.
The string is now copied using CopyMem().

In the same function, a copy with "AsciiStrnCpy()" has also be replaced
with a copy using "CopyMem()" as the size of the string to copy is in
normal cases known. Another copy using "AsciiStrnCpy()" has been corrected
in order not to run off the array the string is copied into and to ensure
that the copied string has a final zero.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
Reviewed-by: Olivier Martin <olivier.martin@arm.com>
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16009 6f19259b-4bc3-4df7-8a09-765794883524

diff --git a/ArmPlatformPkg/Bds/BootMenu.c b/ArmPlatformPkg/Bds/BootMenu.c
index 25dc1d4ae6bc379721a61025c950fa862f052938..91e00b759ee48bb2073c34907f5f4d3f4b215d46 100644 (file)
--- a/ArmPlatformPkg/Bds/BootMenu.c
+++ b/ArmPlatformPkg/Bds/BootMenu.c
@@ -555,7 +555,8 @@ BootMenuUpdateBootOption (
 \r
     Print(L"Arguments to pass to the binary: ");\r
     if (CmdLineSize > 0) {\r
-      AsciiStrnCpy(CmdLine, (CONST CHAR8*)(LinuxArguments + 1), CmdLineSize);\r
+      AsciiStrnCpy (CmdLine, (CONST CHAR8*)(LinuxArguments + 1), sizeof (CmdLine));\r
+      CmdLine[sizeof (CmdLine) - 1] = '\0';\r
     } else {\r
       CmdLine[0] = '\0';\r
     }\r
@@ -581,10 +582,29 @@ BootMenuUpdateBootOption (
     if (BootOption->OptionalDataSize > 0) {\r
       IsPrintable = IsPrintableString (BootOption->OptionalData, &IsUnicode);\r
       if (IsPrintable) {\r
+          //\r
+          // The size in bytes of the string, final zero included, should\r
+          // be equal to or at least lower than "BootOption->OptionalDataSize"\r
+          // and the "IsPrintableString()" has already tested that the length\r
+          // in number of characters is smaller than BOOT_DEVICE_OPTION_MAX,\r
+          // final '\0' included. We can thus copy the string for editing\r
+          // using "CopyMem()". Furthermore, note that in the case of an Unicode\r
+          // string "StrnCpy()" and "StrCpy()" can not be used to copy the\r
+          // string because the data pointed to by "BootOption->OptionalData"\r
+          // is not necessarily 2-byte aligned.\r
+          //\r
         if (IsUnicode) {\r
-          StrnCpy (UnicodeCmdLine, BootOption->OptionalData, BootOption->OptionalDataSize / 2);\r
+          CopyMem (\r
+            UnicodeCmdLine, BootOption->OptionalData,\r
+            MIN (sizeof (UnicodeCmdLine),\r
+                 BootOption->OptionalDataSize)\r
+            );\r
         } else {\r
-          AsciiStrnCpy (CmdLine, BootOption->OptionalData, BootOption->OptionalDataSize);\r
+          CopyMem (\r
+            CmdLine, BootOption->OptionalData,\r
+            MIN (sizeof (CmdLine),\r
+                 BootOption->OptionalDataSize)\r
+            );\r
         }\r
       }\r
     } else {\r