From: Hao Wu <hao.a.wu@intel.com>
To: edk2-devel@lists.01.org
Cc: Hao Wu <hao.a.wu@intel.com>, Liming Gao <liming.gao@intel.com>,
Yonghong Zhu <yonghong.zhu@intel.com>
Subject: [PATCH 07/17] BaseTools/C/Common: Add/refine boundary checks for strcpy/strcat calls
Date: Tue, 19 Dec 2017 11:29:02 +0800 [thread overview]
Message-ID: <20171219032912.14404-8-hao.a.wu@intel.com> (raw)
In-Reply-To: <20171219032912.14404-1-hao.a.wu@intel.com>
Add checks to ensure when the destination string buffer is of fixed
size, the strcpy/strcat functions calls will not access beyond the
boundary.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
---
BaseTools/Source/C/Common/CommonLib.c | 24 +++++++++++++++++-------
BaseTools/Source/C/Common/EfiUtilityMsgs.c | 9 +++------
2 files changed, 20 insertions(+), 13 deletions(-)
diff --git a/BaseTools/Source/C/Common/CommonLib.c b/BaseTools/Source/C/Common/CommonLib.c
index 2f0aecf252..4a62bec85e 100644
--- a/BaseTools/Source/C/Common/CommonLib.c
+++ b/BaseTools/Source/C/Common/CommonLib.c
@@ -1,7 +1,7 @@
/** @file
Common basic Library Functions
-Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -638,12 +638,22 @@ Returns:
//
RootPath = getcwd (NULL, 0);
if (RootPath != NULL) {
- strcat (mCommonLibFullPath, RootPath);
+ if (strlen (mCommonLibFullPath) + strlen (RootPath) > MAX_LONG_FILE_PATH - 1) {
+ Error (NULL, 0, 2000, "Invalid parameter", "RootPath is too long!");
+ free (RootPath);
+ return NULL;
+ }
+ strncat (mCommonLibFullPath, RootPath, MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
if (FileName[0] != '\\' && FileName[0] != '/') {
+ if (strlen (mCommonLibFullPath) + 1 > MAX_LONG_FILE_PATH - 1) {
+ Error (NULL, 0, 2000, "Invalid parameter", "RootPath is too long!");
+ free (RootPath);
+ return NULL;
+ }
//
// Attach directory separator
//
- strcat (mCommonLibFullPath, "\\");
+ strncat (mCommonLibFullPath, "\\", MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
}
free (RootPath);
}
@@ -673,7 +683,7 @@ Returns:
//
if ((PathPointer = strstr (mCommonLibFullPath, ":\\\\")) != NULL) {
*(PathPointer + 2) = '\0';
- strcat (mCommonLibFullPath, PathPointer + 3);
+ strncat (mCommonLibFullPath, PathPointer + 3, MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
}
//
@@ -681,7 +691,7 @@ Returns:
//
while ((PathPointer = strstr (mCommonLibFullPath, ".\\")) != NULL) {
*PathPointer = '\0';
- strcat (mCommonLibFullPath, PathPointer + 2);
+ strncat (mCommonLibFullPath, PathPointer + 2, MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
}
//
@@ -689,7 +699,7 @@ Returns:
//
while ((PathPointer = strstr (mCommonLibFullPath, "\\.\\")) != NULL) {
*PathPointer = '\0';
- strcat (mCommonLibFullPath, PathPointer + 2);
+ strncat (mCommonLibFullPath, PathPointer + 2, MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
}
//
@@ -706,7 +716,7 @@ Returns:
// Skip one directory
//
*PathPointer = '\0';
- strcat (mCommonLibFullPath, NextPointer);
+ strncat (mCommonLibFullPath, NextPointer, MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
} else {
//
// No directory is found. Just break.
diff --git a/BaseTools/Source/C/Common/EfiUtilityMsgs.c b/BaseTools/Source/C/Common/EfiUtilityMsgs.c
index 7b4c2310ca..5496a439e2 100644
--- a/BaseTools/Source/C/Common/EfiUtilityMsgs.c
+++ b/BaseTools/Source/C/Common/EfiUtilityMsgs.c
@@ -1,7 +1,7 @@
/** @file
EFI tools utility functions to display warning, error, and informational messages
-Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2004 - 2017, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -608,12 +608,9 @@ Returns:
if (UtilityName != NULL) {
if (strlen (UtilityName) >= sizeof (mUtilityName)) {
Error (UtilityName, 0, 0, "application error", "utility name length exceeds internal buffer size");
- strncpy (mUtilityName, UtilityName, sizeof (mUtilityName) - 1);
- mUtilityName[sizeof (mUtilityName) - 1] = 0;
- return ;
- } else {
- strcpy (mUtilityName, UtilityName);
}
+ strncpy (mUtilityName, UtilityName, sizeof (mUtilityName) - 1);
+ mUtilityName[sizeof (mUtilityName) - 1] = 0;
} else {
Error (NULL, 0, 0, "application error", "SetUtilityName() called with NULL utility name");
}
--
2.12.0.windows.1
next prev parent reply other threads:[~2017-12-19 3:24 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-12-19 3:28 [PATCH 00/17] BaseTools/C: Code refinements Hao Wu
2017-12-19 3:28 ` [PATCH 01/17] BaseTools/C/Common: Add checks for array access Hao Wu
2017-12-19 3:28 ` [PATCH 02/17] BaseTools/EfiRom: Refine the logic in main() Hao Wu
2017-12-19 3:28 ` [PATCH 03/17] BaseTools/LzmaCompress: Fix possible uninitialized variable Hao Wu
2017-12-19 3:28 ` [PATCH 04/17] BaseTools/C/Common: Remove redundant type cast Hao Wu
2017-12-19 3:29 ` [PATCH 05/17] BaseTools/VfrCompile: Assign 'NULL' for closed file handle Hao Wu
2017-12-19 3:29 ` [PATCH 06/17] BaseTools/GenFv: Add check to ensure the file handle status is correct Hao Wu
2017-12-19 3:29 ` Hao Wu [this message]
2017-12-19 3:29 ` [PATCH 08/17] BaseTools/C/Common: Refine using sprintf() with '%s' in format string Hao Wu
2017-12-19 3:29 ` [PATCH 09/17] BaseTools/EfiRom: Add/refine boundary checks for strcpy/strcat calls Hao Wu
2017-12-19 3:29 ` [PATCH 10/17] BaseTools/GenBootSector: Add/refine boundary checks for strcpy/strcat Hao Wu
2017-12-19 3:29 ` [PATCH 11/17] BaseTools/GenFv: Add/refine boundary checks for strcpy/strcat calls Hao Wu
2017-12-19 3:29 ` [PATCH 12/17] BaseTools/GenVtf: " Hao Wu
2017-12-19 3:29 ` [PATCH 13/17] BaseTools/VfrCompile: Add/refine boundary checks for strcpy/strcat Hao Wu
2017-12-19 3:29 ` [PATCH 14/17] BaseTools/VfrCompile: Resolve uninit class variables in constructor Hao Wu
2017-12-19 3:29 ` [PATCH 15/17] BaseTools/GenFfs: Enlarge the size of 'AlignmentBuffer' Hao Wu
2017-12-19 3:29 ` [PATCH 16/17] BaseTools/GenSec: Fix potential memory leak Hao Wu
2017-12-19 3:29 ` [PATCH 17/17] BaseTools/GenSec: Fix potential null pointer dereference Hao Wu
2017-12-25 1:48 ` [PATCH 00/17] BaseTools/C: Code refinements Gao, Liming
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20171219032912.14404-8-hao.a.wu@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox