authorQiu Shumin <shumin.qiu@intel.com>2016-01-04 05:14:53 +0000
committershenshushi <shenshushi@Edk2>2016-01-04 05:14:53 +0000
commit61e078ddcb100537cd6d78eac3fe5abf1936419e (patch)
tree717ac92cf27f8d5626a4518e8a59168ecaf2dcb9 /MdeModulePkg/Universal
parentc9f46d31f4846e37ddeee6d04ba48e78daf75456 (diff)
downloadedk2-platforms-61e078ddcb100537cd6d78eac3fe5abf1936419e.tar.xz
MdeModulePkg: For RegularExpressionDxe use 'sprintf_s' to replace 'sprintf'.
The function 'sprintf' has a potential buffer overflow risk. This patch uses 'sprintf_s' to improve the code. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Qiu Shumin <shumin.qiu@intel.com> Reviewed-by: Yao Jiewen <Jiewen.Yao@intel.com> Reviewed-by: Cinnamon Shia <cinnamon.shia@hpe.com> Reviewed-by: Samer El-Haj-Mahmoud <elhaj@hpe.com> git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@19582 6f19259b-4bc3-4df7-8a09-765794883524
Diffstat (limited to 'MdeModulePkg/Universal')
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.c4
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.h2
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c4
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regposerr.c2
-rw-r--r--MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regversion.c8
5 files changed, 12 insertions, 8 deletions
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.c
index 081fcb346b..aaa5d3dc74 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.c
@@ -14,13 +14,13 @@
**/
#include "OnigurumaUefiPort.h"
-int sprintf(char *str, char const *fmt, ...)
+int sprintf_s(char *str, size_t sizeOfBuffer, char const *fmt, ...)
{
VA_LIST Marker;
int NumberOfPrinted;
VA_START (Marker, fmt);
- NumberOfPrinted = (int)AsciiVSPrint (str, 1000000, fmt, Marker);
+ NumberOfPrinted = (int)AsciiVSPrint (str, sizeOfBuffer, fmt, Marker);
VA_END (Marker);
return NumberOfPrinted;
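Review bot: The wrapper takes the name `sprintf_s` but, as far as this hunk shows, not its contract: `str`, `fmt` and `sizeOfBuffer` go straight to `AsciiVSPrint` with no check for a NULL pointer or a zero size, and output that does not fit is presumably cut short by `AsciiVSPrint` without any error reaching the caller. I would add a header comment that says so, e.g. `/* Bounded sprintf for the Oniguruma port: writes at most sizeOfBuffer bytes including the terminator; truncation is silent and the return value is the count actually written. */`, so that callers do not assume C11 Annex K behaviour. The same comment belongs on the prototype in OnigurumaUefiPort.h. The function's closing brace lies outside the hunk.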
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.h b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.h
index 18f2851e97..cb791f8c84 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.h
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/OnigurumaUefiPort.h
@@ -59,7 +59,7 @@ typedef UINTN size_t;
int OnigStrCmp (char* Str1, char* Str2);
-int sprintf (char *str, char const *fmt, ...);
+int sprintf_s (char *str, size_t sizeOfBuffer, char const *fmt, ...);
#define exit(n) ASSERT(FALSE);
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c
index c3ec3626eb..fbc764aa42 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regerror.c
@@ -191,12 +191,12 @@ onig_error_code_to_format(int code)
static void sprint_byte(char* s, unsigned int v)
{
- sprintf(s, "%02x", (v & 0377));
+ sprintf_s(s, sizeof("00"), "%02x", (v & 0377));
}
static void sprint_byte_with_x(char* s, unsigned int v)
{
- sprintf(s, "\\x%02x", (v & 0377));
+ sprintf_s(s, sizeof("\\x00"), "\\x%02x", (v & 0377));
}
static int to_ascii(OnigEncoding enc, UChar *s, UChar *end,
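Review bot: In `sprint_byte` and `sprint_byte_with_x` the size handed to `sprintf_s` is the length of the expected output (`sizeof("00")`, `sizeof("\\x00")`), not the capacity of the buffer `s` points into, so the call cannot detect a destination that is too small. The values match the formats (3 and 5 bytes including the terminator, given the `& 0377` mask), but the overflow protection still rests on the callers, which are outside this hunk, leaving that much room. Either pass the remaining capacity in, e.g. `static void sprint_byte(char* s, size_t size, unsigned int v)`, or state the requirement in a comment such as `/* s must have room for 3 bytes: two hex digits and the terminator */`.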
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regposerr.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regposerr.c
index e72448a868..fb1b9286a2 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regposerr.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regposerr.c
@@ -88,7 +88,7 @@ regerror(int posix_ecode, const regex_t* reg ARG_UNUSED, char* buf,
s = "";
}
else {
- sprintf(tbuf, "undefined error code (%d)", posix_ecode);
+ sprintf_s(tbuf, sizeof(tbuf), "undefined error code (%d)", posix_ecode);
s = tbuf;
}
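Review bot: `sizeof(tbuf)` is the right bound only if `tbuf` is declared as an array inside `regerror`; the declaration is outside this hunk, and if it were a `char*` the bound would silently become the pointer size. This is worth confirming against the full function. A short comment at the call, such as `/* tbuf is a local array, so sizeof gives its full capacity */`, would keep a later refactor from breaking the bound unnoticed.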
diff --git a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regversion.c b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regversion.c
index 087c6ad899..2c81244303 100644
--- a/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regversion.c
+++ b/MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma/regversion.c
@@ -36,7 +36,9 @@ onig_version(void)
{
static char s[12];
- sprintf(s, "%d.%d.%d",
+ sprintf_s(s,
+ sizeof(s),
+ "%d.%d.%d",
ONIGURUMA_VERSION_MAJOR,
ONIGURUMA_VERSION_MINOR,
ONIGURUMA_VERSION_TEENY);
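Review bot: The result of `sprintf_s` is discarded in `onig_version`, and the same holds for the `onig_copyright` hunk below, so if the formatted text ever outgrows the hand-counted `s[12]` or `s[58]` the returned string is shortened with no indication. The current sizes look sufficient for small version numbers, but nothing in the code records how they were derived. I would add a comment next to each buffer, e.g. `/* room for "NNN.NNN.NNN" plus terminator; longer output is truncated by sprintf_s */`, and an equivalent one stating the budget for the copyright string.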
@@ -48,7 +50,9 @@ onig_copyright(void)
{
static char s[58];
- sprintf(s, "Oniguruma %d.%d.%d : Copyright (C) 2002-2008 K.Kosako",
+ sprintf_s(s,
+ sizeof(s),
+ "Oniguruma %d.%d.%d : Copyright (C) 2002-2008 K.Kosako",
ONIGURUMA_VERSION_MAJOR,
ONIGURUMA_VERSION_MINOR,
ONIGURUMA_VERSION_TEENY);