From: Hao Wu Date: Mon, 6 Jul 2015 01:41:45 +0000 (+0000) Subject: FatPkg EnhancedFatDxe: Use safe string functions X-Git-Tag: edk2-stable201903~7400^2~1 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=e76bc43e5d5827e7f8b20b3f89727b9bc86395e8 FatPkg EnhancedFatDxe: Use safe string functions Unsafe string functions are replaced with safe ones. Safe string functions will assert if DestMax is not greater than StrnLenS(Source, DestMax). Therefore, additional assert for checking the size of source and destination buffers can be removed. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Hao Wu Reviewed-by: Ruiyu Ni Reviewed-by: Jaben Carsey (based on FatPkg commit 2cb92b4f19b096daf133d6501afa13e5a85062c5) [jordan.l.justen@intel.com: Use script to relicense to 2-clause BSD] Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Jordan Justen Acked-by: Mark Doran Acked-by: Laszlo Ersek --- diff --git a/FatPkg/EnhancedFatDxe/DirectoryManage.c b/FatPkg/EnhancedFatDxe/DirectoryManage.c index 116f87a4c2..91e7599e27 100644 --- a/FatPkg/EnhancedFatDxe/DirectoryManage.c +++ b/FatPkg/EnhancedFatDxe/DirectoryManage.c @@ -1,6 +1,6 @@ /*++ -Copyright (c) 2005 - 2013, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -116,7 +116,15 @@ Returns: // Write LFN directory entry // SetMem (LfnBuffer, sizeof (CHAR16) * LFN_CHAR_TOTAL * EntryCount, 0xff); - StrCpy (LfnBuffer, DirEnt->FileString); + Status = StrCpyS ( + LfnBuffer, + sizeof (LfnBuffer) / sizeof (LfnBuffer[0]), + DirEnt->FileString + ); + if (EFI_ERROR (Status)) { + return Status; + } + LfnBufferPointer = LfnBuffer; LfnEntry.Attributes = FAT_ATTRIBUTE_LFN; LfnEntry.Type = 0; @@ -349,7 +357,11 @@ Returns: // Fail to get the long file name from long file name entry, // get the file name from short name // - FatGetFileNameViaCaseFlag (DirEnt, LfnBuffer); + FatGetFileNameViaCaseFlag ( + DirEnt, + LfnBuffer, + sizeof (LfnBuffer) / sizeof (LfnBuffer[0]) + ); } DirEnt->FileString = AllocateCopyPool (StrSize (LfnBuffer), LfnBuffer); diff --git a/FatPkg/EnhancedFatDxe/Fat.h b/FatPkg/EnhancedFatDxe/Fat.h index ef1fd35e7e..b73135cdbc 100644 --- a/FatPkg/EnhancedFatDxe/Fat.h +++ b/FatPkg/EnhancedFatDxe/Fat.h @@ -1241,8 +1241,9 @@ FatSetCaseFlag ( VOID FatGetFileNameViaCaseFlag ( - IN FAT_DIRENT *DirEnt, - OUT CHAR16 *FileString + IN FAT_DIRENT *DirEnt, + IN OUT CHAR16 *FileString, + IN UINTN FileStringMax ); UINT8 diff --git a/FatPkg/EnhancedFatDxe/FileName.c b/FatPkg/EnhancedFatDxe/FileName.c index 09690fb076..551cda53b9 100644 --- a/FatPkg/EnhancedFatDxe/FileName.c +++ b/FatPkg/EnhancedFatDxe/FileName.c @@ -1,6 +1,6 @@ /*++ -Copyright (c) 2005 - 2007, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -302,7 +302,6 @@ Returns: CHAR16 Buffer[FAT_MAIN_NAME_LEN + 1 + FAT_EXTEND_NAME_LEN + 1]; UINT8 OutCaseFlag; - ASSERT (StrSize (Str) <= sizeof (Buffer)); // // Assume the case of input string is mixed // @@ -311,7 +310,7 @@ Returns: // Lower case a copy of the string, if it matches the // original then the string is lower case // - StrCpy (Buffer, Str); + StrCpyS (Buffer, sizeof (Buffer) / sizeof (Buffer[0]), Str); FatStrLwr (Buffer); if (StrCmp (Str, Buffer) == 0) { OutCaseFlag = InCaseFlag; @@ -320,7 +319,7 @@ Returns: // Upper case a copy of the string, if it matches the // original then the string is upper case // - StrCpy (Buffer, Str); + StrCpyS (Buffer, sizeof (Buffer) / sizeof (Buffer[0]), Str); FatStrUpr (Buffer); if (StrCmp (Str, Buffer) == 0) { OutCaseFlag = 0; @@ -392,8 +391,9 @@ Returns: VOID FatGetFileNameViaCaseFlag ( - IN FAT_DIRENT *DirEnt, - OUT CHAR16 *FileString + IN FAT_DIRENT *DirEnt, + IN OUT CHAR16 *FileString, + IN UINTN FileStringMax ) /*++ @@ -425,7 +425,7 @@ Returns: FatNameToStr (File8Dot3Name + FAT_MAIN_NAME_LEN, FAT_EXTEND_NAME_LEN, CaseFlag & FAT_CASE_EXT_LOWER, &TempExt[1]); if (TempExt[1] != 0) { TempExt[0] = L'.'; - StrCat (FileString, TempExt); + StrCatS (FileString, FileStringMax, TempExt); } } diff --git a/FatPkg/EnhancedFatDxe/Hash.c b/FatPkg/EnhancedFatDxe/Hash.c index dd67bab313..3d0ffe6fb8 100644 --- a/FatPkg/EnhancedFatDxe/Hash.c +++ b/FatPkg/EnhancedFatDxe/Hash.c @@ -1,6 +1,6 @@ /*++ -Copyright (c) 2005 - 2014, Intel Corporation. All rights reserved.
+Copyright (c) 2005 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -47,8 +47,12 @@ Returns: { UINT32 HashValue; CHAR16 UpCasedLongFileName[EFI_PATH_STRING_LENGTH]; - StrnCpy (UpCasedLongFileName, LongNameString, EFI_PATH_STRING_LENGTH - 1); - UpCasedLongFileName[EFI_PATH_STRING_LENGTH - 1] = L'\0'; + StrnCpyS ( + UpCasedLongFileName, + sizeof (UpCasedLongFileName) / sizeof (UpCasedLongFileName[0]), + LongNameString, + sizeof (UpCasedLongFileName) / sizeof (UpCasedLongFileName[0]) - 1 + ); FatStrUpr (UpCasedLongFileName); gBS->CalculateCrc32 (UpCasedLongFileName, StrSize (UpCasedLongFileName), &HashValue); return (HashValue & HASH_TABLE_MASK);