From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id B7A9F1A1E46 for ; Tue, 25 Oct 2016 04:11:16 -0700 (PDT) Received: from int-mx13.intmail.prod.int.phx2.redhat.com (int-mx13.intmail.prod.int.phx2.redhat.com [10.5.11.26]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 48B078E67F; Tue, 25 Oct 2016 11:11:16 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-71.phx2.redhat.com [10.3.116.71]) by int-mx13.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u9PBBEmM022163; Tue, 25 Oct 2016 07:11:15 -0400 To: Ard Biesheuvel , edk2-devel@ml01.01.org, leif.lindholm@linaro.org References: <1477325206-24646-1-git-send-email-ard.biesheuvel@linaro.org> <1477325206-24646-5-git-send-email-ard.biesheuvel@linaro.org> From: Laszlo Ersek Message-ID: <07562096-0bd6-30b7-0f4d-f01ef8c84afb@redhat.com> Date: Tue, 25 Oct 2016 13:11:14 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <1477325206-24646-5-git-send-email-ard.biesheuvel@linaro.org> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.26 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Tue, 25 Oct 2016 11:11:16 +0000 (UTC) Subject: Re: [PATCH 4/6] ArmPkg/SemihostFs: eliminate calls to deprecated string functions X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 25 Oct 2016 11:11:16 -0000 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit On 10/24/16 18:06, Ard Biesheuvel wrote: > Remove calls to deprecated string functions like AsciiStrCpy() and > UnicodeStrToAsciiStr() > > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Ard Biesheuvel > --- > ArmPkg/Filesystem/SemihostFs/Arm/SemihostFs.c | 20 ++++++++++++-------- > 1 file changed, 12 insertions(+), 8 deletions(-) > > diff --git a/ArmPkg/Filesystem/SemihostFs/Arm/SemihostFs.c b/ArmPkg/Filesystem/SemihostFs/Arm/SemihostFs.c > index 6efdad9ebcce..e79b5cc5cf39 100644 > --- a/ArmPkg/Filesystem/SemihostFs/Arm/SemihostFs.c > +++ b/ArmPkg/Filesystem/SemihostFs/Arm/SemihostFs.c > @@ -207,11 +207,12 @@ FileOpen ( > return EFI_WRITE_PROTECTED; > } > > - AsciiFileName = AllocatePool (StrLen (FileName) + 1); > + Length = StrLen (FileName) + 1; > + AsciiFileName = AllocatePool (Length); > if (AsciiFileName == NULL) { > return EFI_OUT_OF_RESOURCES; > } > - UnicodeStrToAsciiStr (FileName, AsciiFileName); > + UnicodeStrToAsciiStrS (FileName, AsciiFileName, Length); > > // Opening '/', '\', '.', or the NULL pathname is trying to open the root directory > if ((AsciiStrCmp (AsciiFileName, "\\") == 0) || Sort of muddles the purpose of the preexistent Length variable, but it's manageable I think. > @@ -463,7 +464,7 @@ FileDelete ( > NameSize = AsciiStrLen (Fcb->FileName); > FileName = AllocatePool (NameSize + 1); > > - AsciiStrCpy (FileName, Fcb->FileName); > + AsciiStrCpyS (FileName, NameSize + 1, Fcb->FileName); > > // Close the file if it's open. Disregard return status, > // since it might give an error if the file isn't open. Haha, this uses exactly the opposite meanings for Size and Length of what I do :) Okay. > @@ -828,8 +829,10 @@ GetFilesystemInfo ( > EFI_FILE_SYSTEM_INFO *Info; > EFI_STATUS Status; > UINTN ResultSize; > + UINTN StringSize; > > - ResultSize = SIZE_OF_EFI_FILE_SYSTEM_INFO + StrSize (mSemihostFsLabel); > + StringSize = StrSize (mSemihostFsLabel); > + ResultSize = SIZE_OF_EFI_FILE_SYSTEM_INFO + StringSize; > > if (*BufferSize >= ResultSize) { > ZeroMem (Buffer, ResultSize); > @@ -843,7 +846,7 @@ GetFilesystemInfo ( > Info->FreeSpace = 0; > Info->BlockSize = 0; > > - StrCpy (Info->VolumeLabel, mSemihostFsLabel); > + StrCpyS (Info->VolumeLabel, StringSize, mSemihostFsLabel); > } else { > Status = EFI_BUFFER_TOO_SMALL; > } This is wrong: - StrSize() "Returns the size of a Null-terminated Unicode string in bytes, including the Null terminator", - but for StrCpyS(), "DestMax" is "The maximum number of Destination Unicode char, including terminating null char." I suggest to use CopyMem() (rather than divide). > @@ -903,7 +906,7 @@ FileGetInfo ( > ResultSize = StrSize (mSemihostFsLabel); > > if (*BufferSize >= ResultSize) { > - StrCpy (Buffer, mSemihostFsLabel); > + StrCpyS (Buffer, *BufferSize, mSemihostFsLabel); > Status = EFI_SUCCESS; > } else { > Status = EFI_BUFFER_TOO_SMALL; Also wrong; please use CopyMem(). > @@ -963,11 +966,12 @@ SetFileInfo ( > return EFI_ACCESS_DENIED; > } > > - AsciiFileName = AllocatePool (StrLen (Info->FileName) + 1); > + Length = StrLen (Info->FileName) + 1; > + AsciiFileName = AllocatePool (Length); > if (AsciiFileName == NULL) { > return EFI_OUT_OF_RESOURCES; > } > - UnicodeStrToAsciiStr (Info->FileName, AsciiFileName); > + UnicodeStrToAsciiStrS (Info->FileName, AsciiFileName, Length); > > FileSizeIsDifferent = (Info->FileSize != Fcb->Info.FileSize); > FileNameIsDifferent = (AsciiStrCmp (AsciiFileName, Fcb->FileName) != 0); > This hunk looks okay. Thanks Laszlo