In this fix, WinNtSimpleFileSystemOpen only trims the leading and trailing blank...

A new function IsFileNameValid is added to check if input FileName is valid. If the FileName meets the following scenirio, it will be considered to be invalid:
1) There is two "\" in the path. For example, ".\SomePath\\".
2) There is a least one "/" in the path. The reason is that UEFI 2.1 specifcation only mention that ".", ".." and "\" is valid path modifiers.
3) There is more than two continous dots in the path name token. For example, ".\SomePath\....\SomeName.txt".

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@4973 6f19259b-4bc3-4df7-8a09-765794883524

diff --git a/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c b/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c
index 490d32a8928264e2a315d07ace97e85c8141fc55..2e3588e34c16def00e3f0a9288bb84b5f434836d 100644 (file)
--- a/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c
+++ b/Nt32Pkg/WinNtSimpleFileSystemDxe/WinNtSimpleFileSystem.c
@@ -1,6 +1,6 @@
 /**@file\r
 \r
-Copyright (c) 2006 - 2007, Intel Corporation\r
+Copyright (c) 2006 - 2008, Intel Corporation\r
 All rights reserved. This program and the accompanying materials\r
 are licensed and made available under the terms and conditions of the BSD License\r
 which accompanies this distribution.  The full text of the license may be found at\r
@@ -617,6 +617,156 @@ Done:
   return Status;\r
 }\r
 \r
+/**\r
+  Count the number of Leading Dot in FileNameToken.\r
+\r
+  @param FileNameToken  A string representing a token in the path name.\r
+\r
+  @return  UINTN             The number of leading dot in the name.\r
+\r
+**/\r
+UINTN\r
+CountLeadingDots (\r
+  IN CONST CHAR16 * FileNameToken\r
+  )\r
+{\r
+  UINTN          Num;\r
+\r
+  Num = 0;\r
+  while (*FileNameToken == L'.') {\r
+    Num++;\r
+    FileNameToken++;\r
+  }\r
+  \r
+  return Num;\r
+}\r
+\r
+BOOLEAN \r
+IsFileNameTokenValid (\r
+  IN CONST CHAR16 * FileNameToken\r
+  )\r
+{\r
+  UINTN Num;\r
+  if (StrStr (FileNameToken, L"/") != NULL) {\r
+    //\r
+    // No L'/' in file name.\r
+    //\r
+    return FALSE;\r
+  } else {\r
+    //\r
+    // If Token has all dot, the number should not exceed 2\r
+    //\r
+    Num = CountLeadingDots (FileNameToken);\r
+\r
+    if (Num == StrLen (FileNameToken)) {\r
+      //\r
+      // If the FileNameToken only contains a number of L'.'.\r
+      //\r
+      if (Num > 2) {\r
+        return FALSE;\r
+      }\r
+    }\r
+  }\r
+\r
+  return TRUE;\r
+}\r
+\r
+/**\r
+  Return the first string token found in the indirect pointer a String named by FileName.\r
+\r
+  On input, FileName is a indirect pointer pointing to a String.\r
+  On output, FileName is a updated to point to the next character after the first\r
+  found L"\" or NULL if there is no L"\" found.\r
+\r
+  @param FileName  A indirect pointer pointing to a FileName.\r
+\r
+  @return  Token      The first string token found before a L"\".\r
+\r
+**/\r
+CHAR16 *\r
+GetNextFileNameToken (\r
+  IN OUT CONST CHAR16 ** FileName \r
+  )\r
+{\r
+  CHAR16 *SlashPos;\r
+  CHAR16 *Token;\r
+  UINTN  Offset;\r
+  ASSERT (**FileName != L'\\');\r
+  ASSERT (**FileName != L'\0');\r
+\r
+  SlashPos = StrStr (*FileName, L"\\");\r
+  if (SlashPos == NULL) {\r
+    Token = AllocateCopyPool (StrSize(*FileName), *FileName);\r
+    *FileName = NULL;\r
+  } else {\r
+    Offset = SlashPos - *FileName;\r
+    Token = AllocateZeroPool ((Offset + 1) * sizeof (CHAR16));\r
+    StrnCpy (Token, *FileName, Offset);\r
+    //\r
+    // Point *FileName to the next character after L'\'.\r
+    //\r
+    *FileName = *FileName + Offset + 1;\r
+  }\r
+\r
+  return Token;\r
+}\r
+\r
+/**\r
+  Check if a FileName contains only Valid Characters.\r
+\r
+  If FileName contains only a single L'\', return TRUE.\r
+  If FileName contains two adjacent L'\', return FALSE.\r
+  If FileName conatins L'/' , return FALSE.\r
+  If FielName contains more than two dots seperated with other FileName characters\r
+  by L'\', return FALSE. For example, L'.\...\filename.txt' is invalid path name. But L'..TwoDots\filename.txt' is valid path name.\r
+\r
+  @param FileName  The File Name String to check.\r
+\r
+  @return  TRUE        FileName only contains valid characters.\r
+  @return  FALSE       FileName contains at least one invalid character.\r
+\r
+**/\r
+\r
+BOOLEAN\r
+IsFileNameValid (\r
+  IN CONST CHAR16 *FileName \r
+  )\r
+{\r
+  CHAR16       *Token;\r
+  BOOLEAN      Valid;\r
+\r
+  //\r
+  // If FileName is just L'\', then it is a valid pathname. \r
+  //\r
+  if (StrCmp (FileName, L"\\") == 0) {\r
+    return TRUE;\r
+  }\r
+  //\r
+  // We don't support two or more adjacent L'\'.\r
+  //\r
+  if (StrStr (FileName, L"\\\\") != NULL) {\r
+    return FALSE;\r
+  }\r
+\r
+  //\r
+  // Is FileName has a leading L"\", skip to next character.\r
+  //\r
+  if (FileName [0] == L'\\') {\r
+    FileName++;\r
+  }\r
+\r
+  do {\r
+    Token = GetNextFileNameToken (&FileName);\r
+    Valid = IsFileNameTokenValid (Token);\r
+    FreePool (Token);\r
+    \r
+    if (!Valid)\r
+      return FALSE;\r
+  } while (FileName != NULL);\r
+\r
+  return TRUE;\r
+}\r
+\r
 EFI_STATUS\r
 EFIAPI\r
 WinNtSimpleFileSystemOpen (\r
@@ -634,7 +784,7 @@ Routine Description:
 \r
 Arguments:\r
 \r
-  This        - A pointer to the source file location.\r
+  This        - A pointer to the seource file location.\r
 \r
   NewHandle   - Pointer to storage for the new file handle.\r
 \r
@@ -767,10 +917,10 @@ OpenRoot:
     }\r
     CutPrefix (FileName, Count);\r
     //\r
-    // Trim trailing dots and blanks\r
+    // Trim trailing blanks\r
     //\r
     for (TempFileName = FileName + StrLen (FileName) - 1;\r
-      TempFileName >= FileName && (*TempFileName == L' ' || *TempFileName == L'.');\r
+      TempFileName >= FileName && (*TempFileName == L' ');\r
       TempFileName--) {\r
       ;\r
     }\r
@@ -821,6 +971,11 @@ OpenRoot:
     }\r
   }\r
 \r
+  if (!IsFileNameValid (NewPrivateFile->FileName)) {\r
+    Status = EFI_NOT_FOUND;\r
+    goto Done;\r
+  }\r
+\r
   //\r
   // Get rid of . and .., except leading . or ..\r
   //\r