From: bbahnsen Date: Thu, 25 May 2006 18:18:27 +0000 (+0000) Subject: Fix a bug caused by sscanf trashing memory. X-Git-Tag: edk2-stable201903~25421 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=8d3adb745fc1c57001aeba76532258282615e7cb Fix a bug caused by sscanf trashing memory. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@280 6f19259b-4bc3-4df7-8a09-765794883524 --- diff --git a/Tools/Source/TianoTools/GenDepex/GenDepex.c b/Tools/Source/TianoTools/GenDepex/GenDepex.c index 2a65e086fc..608e27ecb5 100644 --- a/Tools/Source/TianoTools/GenDepex/GenDepex.c +++ b/Tools/Source/TianoTools/GenDepex/GenDepex.c @@ -690,21 +690,33 @@ Returns: Ptrx++; } - ArgCountParsed = sscanf ( - Ptrx, - "%x, %x, %x, { %x, %x, %x, %x, %x, %x, %x, %x }", - &Guid.Data1, - &Guid.Data2, - &Guid.Data3, - &Guid.Data4[0], - &Guid.Data4[1], - &Guid.Data4[2], - &Guid.Data4[3], - &Guid.Data4[4], - &Guid.Data4[5], - &Guid.Data4[6], - &Guid.Data4[7] - ); + { + int byte_index; + // This is an array of UINT32s. sscanf will trash memory + // if you try to read into a UINT8 with a %x formatter. + UINT32 Guid_Data4[8]; + + ArgCountParsed = sscanf ( + Ptrx, + "%x, %x, %x, { %x, %x, %x, %x, %x, %x, %x, %x }", + &Guid.Data1, + &Guid.Data2, + &Guid.Data3, + &Guid_Data4[0], + &Guid_Data4[1], + &Guid_Data4[2], + &Guid_Data4[3], + &Guid_Data4[4], + &Guid_Data4[5], + &Guid_Data4[6], + &Guid_Data4[7] + ); + + // Now we can copy the 32 bit ints into the GUID. + for (byte_index=0; byte_index<8; byte_index++) { + Guid.Data4[byte_index] = (UINT8) Guid_Data4[byte_index]; + } + } if (ArgCountParsed != 11) { printf ("We have found an illegal GUID\n");