From 4477336d058015b2e05e890aad2d79bac636789c Mon Sep 17 00:00:00 2001
From: Ronald Cron
Date: Mon, 1 Sep 2014 13:17:23 +0000
Subject: ArmPlatformPkg/Bds: Correct copy of an unaligned Unicode string

When a Unicode string is not stored in a 2-byte aligned memory area, the StrnCpy() or StrCpy() functions can not be used to copy the string. The string is now copied using CopyMem(). In the same function, a copy with "AsciiStrnCpy()" has also be replaced with a copy using "CopyMem()" as the size of the string to copy is in normal cases known. Another copy using "AsciiStrnCpy()" has been corrected in order not to run off the array the string is copied into and to ensure that the copied string has a final zero.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ronald Cron
Reviewed-by: Olivier Martin
git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@16009 6f19259b-4bc3-4df7-8a09-765794883524
---
 ArmPlatformPkg/Bds/BootMenu.c | 26 +++++++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)
(limited to 'ArmPlatformPkg')
diff --git a/ArmPlatformPkg/Bds/BootMenu.c b/ArmPlatformPkg/Bds/BootMenu.c
index 25dc1d4ae6..91e00b759e 100644
--- a/ArmPlatformPkg/Bds/BootMenu.c
+++ b/ArmPlatformPkg/Bds/BootMenu.c
@@ -555,7 +555,8 @@ BootMenuUpdateBootOption (
 Print(L"Arguments to pass to the binary: ");
 if (CmdLineSize > 0) {
- AsciiStrnCpy(CmdLine, (CONST CHAR8*)(LinuxArguments + 1), CmdLineSize);
+ AsciiStrnCpy (CmdLine, (CONST CHAR8*)(LinuxArguments + 1), sizeof (CmdLine));
+ CmdLine[sizeof (CmdLine) - 1] = '\0';
 } else {
 CmdLine[0] = '\0';
 }
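Review bot: The rewritten `AsciiStrnCpy` call is bounded by the destination only, so the old source bound `CmdLineSize` is gone: if the `CmdLineSize` bytes at `LinuxArguments + 1` hold no terminating zero, the copy can read past the stored arguments, up to `sizeof (CmdLine)` bytes. Bounding by both sizes, as the second hunk does with `MIN`, covers source and destination, e.g. `AsciiStrnCpy (CmdLine, (CONST CHAR8*)(LinuxArguments + 1), MIN (CmdLineSize, sizeof (CmdLine) - 1));` with the final zero stored at that computed length rather than only in the last element. `sizeof (CmdLine)` is the buffer size only if `CmdLine` is declared as an array; its declaration and the rest of `BootMenuUpdateBootOption` are outside the hunk.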
@@ -581,10 +582,29 @@ BootMenuUpdateBootOption (
 if (BootOption->OptionalDataSize > 0) {
 IsPrintable = IsPrintableString (BootOption->OptionalData, &IsUnicode);
 if (IsPrintable) {
+ //
+ // The size in bytes of the string, final zero included, should
+ // be equal to or at least lower than "BootOption->OptionalDataSize"
+ // and the "IsPrintableString()" has already tested that the length
+ // in number of characters is smaller than BOOT_DEVICE_OPTION_MAX,
+ // final '\0' included. We can thus copy the string for editing
+ // using "CopyMem()". Furthermore, note that in the case of an Unicode
+ // string "StrnCpy()" and "StrCpy()" can not be used to copy the
+ // string because the data pointed to by "BootOption->OptionalData"
+ // is not necessarily 2-byte aligned.
+ //
 if (IsUnicode) {
- StrnCpy (UnicodeCmdLine, BootOption->OptionalData, BootOption->OptionalDataSize / 2);
+ CopyMem (
+ UnicodeCmdLine, BootOption->OptionalData,
+ MIN (sizeof (UnicodeCmdLine),
+ BootOption->OptionalDataSize)
+ );
 } else {
- AsciiStrnCpy (CmdLine, BootOption->OptionalData, BootOption->OptionalDataSize);
+ CopyMem (
+ CmdLine, BootOption->OptionalData,
+ MIN (sizeof (CmdLine),
+ BootOption->OptionalDataSize)
+ );
 }
 }
 } else {
-- cgit v1.2.3
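Review bot: Neither `CopyMem` call leaves a guaranteed final zero in the edit buffer; termination rests entirely on the checks the new comment attributes to `IsPrintableString()`, whose body is not in this hunk, whereas the first hunk's copy stores the terminator explicitly. If `BootOption->OptionalDataSize` ends before the string's terminator, or reaches the full buffer size, the buffer is left unterminated unless it was zeroed beforehand, which is not visible here. Clamping to one element less than the buffer and writing the zero after the copied data removes that dependency, e.g. `MIN (sizeof (CmdLine) - 1, BootOption->OptionalDataSize)` followed by a `'\0'` store at the copied length, with the Unicode branch working in `sizeof (CHAR16)` units so an odd byte count cannot leave half a character. The enclosing function starts and ends outside the hunk.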