From 5ad66ec6925f1564137752be4d8656d462ebeaf2 Mon Sep 17 00:00:00 2001 From: Dandan Bi Date: Mon, 29 Jun 2015 02:36:31 +0000 Subject: MdeModulePkg:Use safe string functions Replace unsafe String functions with new added safe string functions Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi Reviewed-by: Liming Gao git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17724 6f19259b-4bc3-4df7-8a09-765794883524 --- .../Universal/DisplayEngineDxe/FormDisplay.c | 32 ++++++++++++---------- .../Universal/DisplayEngineDxe/InputHandler.c | 20 ++++++++------ .../Universal/DisplayEngineDxe/ProcessOptions.c | 30 +++++++++++--------- 3 files changed, 45 insertions(+), 37 deletions(-) (limited to 'MdeModulePkg/Universal/DisplayEngineDxe') diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c index 9f50f832aa..ae3038b6cb 100644 --- a/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c +++ b/MdeModulePkg/Universal/DisplayEngineDxe/FormDisplay.c @@ -2149,6 +2149,7 @@ FxConfirmPopup ( UINT32 CheckFlags; BOOLEAN RetVal; UINTN CatLen; + UINTN MaxLen; CfmStrLen = 0; CatLen = StrLen (gConfirmMsgConnect); @@ -2209,50 +2210,51 @@ FxConfirmPopup ( // Allocate buffer to save the string. // String + "?" + "\0" // - CfmStr = AllocateZeroPool ((CfmStrLen + 1 + 1) * sizeof (CHAR16)); + MaxLen = CfmStrLen + 1 + 1; + CfmStr = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (CfmStr != NULL); if ((Action & BROWSER_ACTION_DISCARD) == BROWSER_ACTION_DISCARD) { - StrCpy (CfmStr, gConfirmDiscardMsg); + StrCpyS (CfmStr, MaxLen, gConfirmDiscardMsg); } if ((Action & BROWSER_ACTION_DEFAULT) == BROWSER_ACTION_DEFAULT) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmDefaultMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmDefaultMsg2nd); } else { - StrCpy (CfmStr, gConfirmDefaultMsg); + StrCpyS (CfmStr, MaxLen, gConfirmDefaultMsg); } } if ((Action & BROWSER_ACTION_SUBMIT) == BROWSER_ACTION_SUBMIT) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmSubmitMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmSubmitMsg2nd); } else { - StrCpy (CfmStr, gConfirmSubmitMsg); + StrCpyS (CfmStr, MaxLen, gConfirmSubmitMsg); } } if ((Action & BROWSER_ACTION_RESET) == BROWSER_ACTION_RESET) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmResetMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmResetMsg2nd); } else { - StrCpy (CfmStr, gConfirmResetMsg); + StrCpyS (CfmStr, MaxLen, gConfirmResetMsg); } } if ((Action & BROWSER_ACTION_EXIT) == BROWSER_ACTION_EXIT) { if (CfmStr[0] != 0) { - StrCat (CfmStr, gConfirmMsgConnect); - StrCat (CfmStr, gConfirmExitMsg2nd); + StrCatS (CfmStr, MaxLen, gConfirmMsgConnect); + StrCatS (CfmStr, MaxLen, gConfirmExitMsg2nd); } else { - StrCpy (CfmStr, gConfirmExitMsg); + StrCpyS (CfmStr, MaxLen, gConfirmExitMsg); } } - StrCat (CfmStr, gConfirmMsgEnd); + StrCatS (CfmStr, MaxLen, gConfirmMsgEnd); do { CreateDialog (&Key, gEmptyString, CfmStr, gConfirmOpt, gEmptyString, NULL); diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c b/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c index a0b87ff7be..bbbbdaa8c1 100644 --- a/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c +++ b/MdeModulePkg/Universal/DisplayEngineDxe/InputHandler.c @@ -1,7 +1,7 @@ /** @file Implementation for handling user input from the User Interfaces. -Copyright (c) 2004 - 2012, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2015, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -84,6 +84,7 @@ ReadString ( UINTN Maximum; FORM_DISPLAY_ENGINE_STATEMENT *Question; BOOLEAN IsPassword; + UINTN MaxLen; DimensionsWidth = gStatementDimensions.RightColumn - gStatementDimensions.LeftColumn; DimensionsHeight = gStatementDimensions.BottomRow - gStatementDimensions.TopRow; @@ -102,7 +103,8 @@ ReadString ( IsPassword = FALSE; } - TempString = AllocateZeroPool ((Maximum + 1)* sizeof (CHAR16)); + MaxLen = Maximum + 1; + TempString = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (TempString); if (ScreenSize < (Maximum + 1)) { @@ -244,7 +246,7 @@ ReadString ( // // Effectively truncate string by 1 character // - StrCpy (StringPtr, TempString); + StrCpyS (StringPtr, MaxLen, TempString); CurrentCursor --; } @@ -253,7 +255,7 @@ ReadString ( // If it is the beginning of the string, don't worry about checking maximum limits // if ((StringPtr[0] == CHAR_NULL) && (Key.UnicodeChar != CHAR_BACKSPACE)) { - StrnCpy (StringPtr, &Key.UnicodeChar, 1); + StrnCpyS (StringPtr, MaxLen, &Key.UnicodeChar, 1); CurrentCursor++; } else if ((GetStringWidth (StringPtr) < ((Maximum + 1) * sizeof (CHAR16))) && (Key.UnicodeChar != CHAR_BACKSPACE)) { KeyPad[0] = Key.UnicodeChar; @@ -264,11 +266,11 @@ ReadString ( TempString[Index] = StringPtr[Index]; } TempString[Index] = CHAR_NULL; - StrCat (TempString, KeyPad); - StrCat (TempString, StringPtr + CurrentCursor); - StrCpy (StringPtr, TempString); + StrCatS (TempString, MaxLen, KeyPad); + StrCatS (TempString, MaxLen, StringPtr + CurrentCursor); + StrCpyS (StringPtr, MaxLen, TempString); } else { - StrCat (StringPtr, KeyPad); + StrCatS (StringPtr, MaxLen, KeyPad); } CurrentCursor++; } @@ -1447,7 +1449,7 @@ GetSelectionInputPopUp ( CopyMem (TempStringPtr, StringPtr, (sizeof (CHAR16) * (PopUpWidth - 5))); FreePool (StringPtr); StringPtr = TempStringPtr; - StrCat (StringPtr, L"..."); + StrCatS (StringPtr, PopUpWidth - 1, L"..."); } if (Index == HighlightOptionIndex) { diff --git a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c b/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c index 52dc5f29d9..f55fb2e263 100644 --- a/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c +++ b/MdeModulePkg/Universal/DisplayEngineDxe/ProcessOptions.c @@ -28,6 +28,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. VOID NewStrCat ( IN OUT CHAR16 *Destination, + IN UINTN DestMax, IN CHAR16 *Source ) { @@ -45,7 +46,7 @@ NewStrCat ( Destination[Length] = NARROW_CHAR; Length++; - StrCpy (Destination + Length, Source); + StrCpyS (Destination + Length, DestMax - Length, Source); } /** @@ -957,6 +958,7 @@ ProcessOptions ( UINT8 ValueType; EFI_IFR_ORDERED_LIST *OrderList; BOOLEAN ValueInvalid; + UINTN MaxLen; Status = EFI_SUCCESS; @@ -999,7 +1001,8 @@ ProcessOptions ( // We now know how many strings we will have, so we can allocate the // space required for the array or strings. // - *OptionString = AllocateZeroPool (OrderList->MaxContainers * BufferSize); + MaxLen = OrderList->MaxContainers * BufferSize / sizeof (CHAR16); + *OptionString = AllocateZeroPool (MaxLen * sizeof (CHAR16)); ASSERT (*OptionString); HiiValue.Type = ValueType; @@ -1057,14 +1060,14 @@ ProcessOptions ( } Character[0] = LEFT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); StringPtr = GetToken (OneOfOption->OptionOpCode->Option, gFormData->HiiHandle); ASSERT (StringPtr != NULL); - NewStrCat (OptionString[0], StringPtr); + NewStrCat (OptionString[0], MaxLen, StringPtr); Character[0] = RIGHT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); Character[0] = CHAR_CARRIAGE_RETURN; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); FreePool (StringPtr); } @@ -1092,14 +1095,14 @@ ProcessOptions ( // Not report error, just get the correct option string info. // Character[0] = LEFT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); StringPtr = GetToken (OneOfOption->OptionOpCode->Option, gFormData->HiiHandle); ASSERT (StringPtr != NULL); - NewStrCat (OptionString[0], StringPtr); + NewStrCat (OptionString[0], MaxLen, StringPtr); Character[0] = RIGHT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); Character[0] = CHAR_CARRIAGE_RETURN; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); FreePool (StringPtr); continue; @@ -1151,6 +1154,7 @@ ProcessOptions ( // Status = GetSelectionInputPopUp (MenuOption); } else { + MaxLen = BufferSize / sizeof(CHAR16); *OptionString = AllocateZeroPool (BufferSize); ASSERT (*OptionString); @@ -1204,12 +1208,12 @@ ProcessOptions ( } Character[0] = LEFT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); StringPtr = GetToken (OneOfOption->OptionOpCode->Option, gFormData->HiiHandle); ASSERT (StringPtr != NULL); - NewStrCat (OptionString[0], StringPtr); + NewStrCat (OptionString[0], MaxLen, StringPtr); Character[0] = RIGHT_ONEOF_DELIMITER; - NewStrCat (OptionString[0], Character); + NewStrCat (OptionString[0], MaxLen, Character); FreePool (StringPtr); } -- cgit v1.2.3