From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 9AF3621A00ACB for ; Fri, 23 Jun 2017 01:06:51 -0700 (PDT) Received: from fmsmga001.fm.intel.com ([10.253.24.23]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Jun 2017 01:08:17 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.39,377,1493708400"; d="scan'208";a="1163808274" Received: from shwdeopenpsi068.ccr.corp.intel.com ([10.239.9.2]) by fmsmga001.fm.intel.com with ESMTP; 23 Jun 2017 01:08:15 -0700 From: Star Zeng To: edk2-devel@lists.01.org Cc: Star Zeng , Liming Gao Date: Fri, 23 Jun 2017 16:08:09 +0800 Message-Id: <1498205290-157888-3-git-send-email-star.zeng@intel.com> X-Mailer: git-send-email 2.7.0.windows.1 In-Reply-To: <1498205290-157888-1-git-send-email-star.zeng@intel.com> References: <1498205290-157888-1-git-send-email-star.zeng@intel.com> Subject: [PATCH V2 2/3] MdeModulePkg Variable: Update GetNextVariableName to follow UEFI 2.7 X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jun 2017 08:06:51 -0000 "The size must be large enough to fit input string supplied in VariableName buffer" is added in the description for VariableNameSize. And two cases of EFI_INVALID_PARAMETER are added. 1. The input values of VariableName and VendorGuid are not a name and GUID of an existing variable. 2. Null-terminator is not found in the first VariableNameSize bytes of the input VariableName buffer. This patch is to update code to follow them. Cc: Liming Gao Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Star Zeng --- .../Universal/Variable/EmuRuntimeDxe/EmuVariable.c | 25 +++++++++++++++++++++- .../Universal/Variable/RuntimeDxe/Variable.c | 19 ++++++++++++++++ 2 files changed, 43 insertions(+), 1 deletion(-) diff --git a/MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariable.c b/MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariable.c index 27ea1496a044..6211ec52a439 100644 --- a/MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariable.c +++ b/MdeModulePkg/Universal/Variable/EmuRuntimeDxe/EmuVariable.c @@ -3,7 +3,7 @@ Emulation Variable services operate on the runtime volatile memory. The nonvolatile variable space doesn't exist. -Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2006 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -1245,6 +1245,10 @@ Done: @retval EFI_BUFFER_TOO_SMALL VariableNameSize is too small for the result. VariableNameSize has been updated with the size needed to complete the request. @retval EFI_INVALID_PARAMETER VariableNameSize or VariableName or VendorGuid is NULL. + @retval EFI_INVALID_PARAMETER The input values of VariableName and VendorGuid are not a name and + GUID of an existing variable. + @retval EFI_INVALID_PARAMETER Null-terminator is not found in the first VariableNameSize bytes of + the input VariableName buffer. **/ EFI_STATUS @@ -1259,16 +1263,35 @@ EmuGetNextVariableName ( VARIABLE_POINTER_TRACK Variable; UINTN VarNameSize; EFI_STATUS Status; + UINTN MaxLen; if (VariableNameSize == NULL || VariableName == NULL || VendorGuid == NULL) { return EFI_INVALID_PARAMETER; } + // + // Calculate the possible maximum length of name string, including the Null terminator. + // + MaxLen = *VariableNameSize / sizeof (CHAR16); + if ((MaxLen == 0) || + ((VariableName[MaxLen - 1] != 0) && (StrnLenS (VariableName, MaxLen) == MaxLen))) { + // + // Null-terminator is not found in the first VariableNameSize bytes of the input VariableName buffer. + // + return EFI_INVALID_PARAMETER; + } + AcquireLockOnlyAtBootTime(&Global->VariableServicesLock); Status = FindVariable (VariableName, VendorGuid, &Variable, Global); if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) { + if (VariableName[0] != 0) { + // + // The input values of VariableName and VendorGuid are not a name and GUID of an existing variable. + // + Status = EFI_INVALID_PARAMETER; + } goto Done; } diff --git a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c index 0a325de1659d..1e68c0a73a6d 100644 --- a/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c +++ b/MdeModulePkg/Universal/Variable/RuntimeDxe/Variable.c @@ -2926,6 +2926,12 @@ VariableServiceGetNextVariableInternal ( Status = FindVariable (VariableName, VendorGuid, &Variable, &mVariableModuleGlobal->VariableGlobal, FALSE); if (Variable.CurrPtr == NULL || EFI_ERROR (Status)) { + if (VariableName[0] != 0) { + // + // The input values of VariableName and VendorGuid are not a name and GUID of an existing variable. + // + Status = EFI_INVALID_PARAMETER; + } goto Done; } @@ -3065,6 +3071,7 @@ VariableServiceGetNextVariableName ( ) { EFI_STATUS Status; + UINTN MaxLen; UINTN VarNameSize; VARIABLE_HEADER *VariablePtr; @@ -3072,6 +3079,18 @@ VariableServiceGetNextVariableName ( return EFI_INVALID_PARAMETER; } + // + // Calculate the possible maximum length of name string, including the Null terminator. + // + MaxLen = *VariableNameSize / sizeof (CHAR16); + if ((MaxLen == 0) || + ((VariableName[MaxLen - 1] != 0) && (StrnLenS (VariableName, MaxLen) == MaxLen))) { + // + // Null-terminator is not found in the first VariableNameSize bytes of the input VariableName buffer. + // + return EFI_INVALID_PARAMETER; + } + AcquireLockOnlyAtBootTime(&mVariableModuleGlobal->VariableGlobal.VariableServicesLock); Status = VariableServiceGetNextVariableInternal (VariableName, VendorGuid, &VariablePtr); -- 2.7.0.windows.1