From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=hao.a.wu@intel.com; receiver=edk2-devel@lists.01.org Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 0C76D2035BA25 for ; Mon, 18 Dec 2017 19:24:35 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga006.fm.intel.com ([10.253.24.20]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 18 Dec 2017 19:29:21 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.45,424,1508828400"; d="scan'208";a="188196691" Received: from shwdeopenpsi014.ccr.corp.intel.com ([10.239.9.10]) by fmsmga006.fm.intel.com with ESMTP; 18 Dec 2017 19:29:20 -0800 From: Hao Wu To: edk2-devel@lists.01.org Cc: Hao Wu , Liming Gao , Yonghong Zhu Date: Tue, 19 Dec 2017 11:28:56 +0800 Message-Id: <20171219032912.14404-2-hao.a.wu@intel.com> X-Mailer: git-send-email 2.12.0.windows.1 In-Reply-To: <20171219032912.14404-1-hao.a.wu@intel.com> References: <20171219032912.14404-1-hao.a.wu@intel.com> Subject: [PATCH 01/17] BaseTools/C/Common: Add checks for array access X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.22 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Dec 2017 03:24:35 -0000 Cc: Liming Gao Cc: Yonghong Zhu Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Hao Wu --- BaseTools/Source/C/Common/Decompress.c | 8 ++++---- BaseTools/Source/C/Common/SimpleFileParsing.c | 12 +++++------- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/BaseTools/Source/C/Common/Decompress.c b/BaseTools/Source/C/Common/Decompress.c index b2049bd01c..8f1afb4e40 100644 
--- a/BaseTools/Source/C/Common/Decompress.c +++ b/BaseTools/Source/C/Common/Decompress.c @@ -2,7 +2,7 @@ Decompressor. Algorithm Ported from OPSD code (Decomp.asm) for Efi and Tiano compress algorithm. -Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -394,7 +394,7 @@ Returns: Index = 0; - while (Index < Number) { + while (Index < Number && Index < NPT) { CharC = (UINT16) (Sd->mBitBuf >> (BITBUFSIZ - 3)); @@ -413,14 +413,14 @@ Returns: if (Index == Special) { CharC = (UINT16) GetBits (Sd, 2); CharC--; - while ((INT16) (CharC) >= 0) { + while ((INT16) (CharC) >= 0 && Index < NPT) { Sd->mPTLen[Index++] = 0; CharC--; } } } - while (Index < nn) { + while (Index < nn && Index < NPT) { Sd->mPTLen[Index++] = 0; } diff --git a/BaseTools/Source/C/Common/SimpleFileParsing.c b/BaseTools/Source/C/Common/SimpleFileParsing.c index 868c6b794b..209a0954b3 100644 --- a/BaseTools/Source/C/Common/SimpleFileParsing.c +++ b/BaseTools/Source/C/Common/SimpleFileParsing.c @@ -1,7 +1,7 @@ /** @file Generic but simple file parsing routines. -Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.
+Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.
This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -1232,12 +1232,10 @@ GetHexChars ( { UINT32 Len; Len = 0; - while (!EndOfFile (&mGlobals.SourceFile) && (BufferLen > 0)) { + while (!EndOfFile (&mGlobals.SourceFile) && (Len < BufferLen)) { if (isxdigit ((int)mGlobals.SourceFile.FileBufferPtr[0])) { - *Buffer = mGlobals.SourceFile.FileBufferPtr[0]; - Buffer++; + Buffer[Len] = mGlobals.SourceFile.FileBufferPtr[0]; Len++; - BufferLen--; mGlobals.SourceFile.FileBufferPtr++; } else { break; @@ -1246,8 +1244,8 @@ GetHexChars ( // // Null terminate if we can // - if ((Len > 0) && (BufferLen > 0)) { - *Buffer = 0; + if ((Len > 0) && (Len < BufferLen)) { + Buffer[Len] = 0; } return Len; -- 2.12.0.windows.1
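Review bot: In Decompress.c, hunk @@ -394, a `Number` larger than `NPT` now ends `while (Index < Number && Index < NPT)` silently, so a malformed stream is decoded with a truncated length table instead of being rejected. Consider comparing `Number` against `NPT` before the loop and reporting a failure through whatever the function returns (the return path is not visible in this hunk). The commit message body is empty; it should state that `NPT` is the bound of `Sd->mPTLen` and which input reaches these writes.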
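Review bot: In Decompress.c, hunk @@ -413, the zero-fill loop under `Index == Special` can exit on `Index < NPT` with `CharC` still non-negative, and the trailing `while (Index < nn && Index < NPT)` hides an `nn` greater than `NPT`; in both cases entries are dropped without any signal to the caller. The `Index < NPT` term is now repeated in three loop conditions. Validating `Number` and `nn` against `NPT` once at the top would be easier to audit, keeping the per-write guard only where the index advances from stream data (the `Special` run).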
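Review bot: In SimpleFileParsing.c, hunk @@ -1232 (GetHexChars), the new condition `Len < BufferLen` admits exactly the same iterations as the old `BufferLen > 0` with its `BufferLen--`, so this is a restatement of the existing bound rather than an added check, which the subject line "Add checks for array access" does not convey. A sentence in the commit message saying that the indexed form `Buffer[Len]` replaces the moving pointer for readability or analyzer friendliness, with no behaviour change intended, would save the next reader from looking for one.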
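Review bot: In SimpleFileParsing.c, hunk @@ -1246 (GetHexChars), `Buffer[Len] = 0` under `if ((Len > 0) && (Len < BufferLen))` is skipped both when the loop has filled all `BufferLen` bytes and when `Len == 0`, so a caller can receive an unterminated or untouched buffer. Either bound the copy loop with `Len + 1 < BufferLen` and terminate whenever `BufferLen > 0`, or document in the function header that the contents are valid only up to the returned `Len`.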