From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=hao.a.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id DAFD42035B2EB for ; Mon, 18 Dec 2017 19:24:44 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Dec 2017 19:29:31 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,424,1508828400"; d="scan'208";a="188196723" Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.10]) by fmsmga006.fm.intel.com with ESMTP; 18 Dec 2017 19:29:29 -0800 From: Hao Wu To: edk2-devel@lists.01.org Cc: Hao Wu , Liming Gao , Yonghong Zhu Date: Tue, 19 Dec 2017 11:29:04 +0800 Message-Id: <20171219032912.14404-10-hao.a.wu@intel.com> X-Mailer: git-send-email 2.12.0.windows.1 In-Reply-To: <20171219032912.14404-1-hao.a.wu@intel.com> References: <20171219032912.14404-1-hao.a.wu@intel.com> Subject: [PATCH 09/17] BaseTools/EfiRom: Add/refine boundary checks for strcpy/strcat calls X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Dec 2017 03:24:45 -0000 Add checks to ensure when the destination string buffer is of fixed size, the strcpy/strcat functions calls will not access beyond the boundary. Cc: Liming Gao Cc: Yonghong Zhu Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu --- BaseTools/Source/C/EfiRom/EfiRom.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/BaseTools/Source/C/EfiRom/EfiRom.c b/BaseTools/Source/C/EfiRom/EfiRom.c index 6648f4c738..fc3b5ad277 100644 --- a/BaseTools/Source/C/EfiRom/EfiRom.c +++ b/BaseTools/Source/C/EfiRom/EfiRom.c @@ -96,7 +96,13 @@ Returns: // if (!mOptions.OutFileName[0]) { if (mOptions.FileList != NULL) { - strcpy (mOptions.OutFileName, mOptions.FileList->FileName); + if (strlen (mOptions.FileList->FileName) >= MAX_PATH) { + Status = STATUS_ERROR; + Error (NULL, 0, 2000, "Invalid parameter", "Input file name is too long - %s.", mOptions.FileList->FileName); + goto BailOut; + } + strncpy (mOptions.OutFileName, mOptions.FileList->FileName, MAX_PATH - 1); + mOptions.OutFileName[MAX_PATH - 1] = 0; // // Find the last . on the line and replace the filename extension with // the default -- 2.12.0.windows.1