From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <hao.a.wu@intel.com>
Received: from mga03.intel.com (mga03.intel.com [134.134.136.65])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id D96DF21A16EF9
 for <edk2-devel@lists.01.org>; Mon, 22 May 2017 19:04:14 -0700 (PDT)
Received: from fmsmga005.fm.intel.com ([10.253.24.32])
 by orsmga103.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 22 May 2017 19:04:14 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.38,379,1491289200"; d="scan'208";a="105360324"
Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.13])
 by fmsmga005.fm.intel.com with ESMTP; 22 May 2017 19:04:13 -0700
From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>, Ruiyu Ni <ruiyu.ni@intel.com>,
 Jaben Carsey <jaben.carsey@intel.com>
Date: Tue, 23 May 2017 10:04:10 +0800
Message-Id: <20170523020410.9184-1-hao.a.wu@intel.com>
X-Mailer: git-send-email 2.12.0.windows.1
Subject: [PATCH] ShellPkg/UefiShellLib: Avoid reading undefined content before string
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Tue, 23 May 2017 02:04:15 -0000

https://bugzilla.tianocore.org/show_bug.cgi?id=566

In function InternalShellPrintWorker(), if the string in variable
'mPostReplaceFormat2' starts with character L'%', the following
expression:

*(ResumeLocation-1) == L'^' at line 2831

will read an undefined value before the starting of string
'mPostReplaceFormat2'.

This commit adds additional logic to avoid reading undefined content.

Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jaben Carsey <jaben.carsey@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
 ShellPkg/Library/UefiShellLib/UefiShellLib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ShellPkg/Library/UefiShellLib/UefiShellLib.c b/ShellPkg/Library/UefiShellLib/UefiShellLib.c
index 55e8a67ac4..25706e9bc3 100644
--- a/ShellPkg/Library/UefiShellLib/UefiShellLib.c
+++ b/ShellPkg/Library/UefiShellLib/UefiShellLib.c
@@ -2828,7 +2828,7 @@ InternalShellPrintWorker(
     // update the attribute
     //
     if (ResumeLocation != NULL) {
-      if (*(ResumeLocation-1) == L'^') {
+      if ((ResumeLocation != mPostReplaceFormat2) && (*(ResumeLocation-1) == L'^')) {
         //
         // Move cursor back 1 position to overwrite the ^
         //
-- 
2.12.0.windows.1