From: Ruiyu Ni <ruiyu.ni@intel.com>
To: edk2-devel@lists.01.org
Cc: Jiewen Yao <jiewen.yao@intel.com>,
Liming Gao <liming.gao@intel.com>,
Jian J Wang <jian.j.wang@intel.com>
Subject: [PATCH] MdePkg/SafeString: Directly return when length of source string is 0
Date: Fri, 2 Feb 2018 18:47:53 +0800 [thread overview]
Message-ID: <20180202104753.94568-1-ruiyu.ni@intel.com> (raw)
Today's implementation of [Ascii]StrnCpyS/[Ascii]StrnCatS doesn't
directly return the the length of source string is 0.
When length of source string is 0, it means the Source points to
a memory that shouldn't be deferenced at all.
So it's not proper to call StrnLenS() in such situation.
In a pool guard enabled environment, when using shell to edit an
existing file which contains empty line, the page fault is met.
The patch fixes the four library functions to align to the behavior
of non-safe version: directly return when length of source string
is 0.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
---
MdePkg/Library/BaseLib/SafeString.c | 18 +++++++++++++++++-
1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/MdePkg/Library/BaseLib/SafeString.c b/MdePkg/Library/BaseLib/SafeString.c
index 68c33e9b7b..fed818ef33 100644
--- a/MdePkg/Library/BaseLib/SafeString.c
+++ b/MdePkg/Library/BaseLib/SafeString.c
@@ -1,7 +1,7 @@
/** @file
Safe String functions.
- Copyright (c) 2014 - 2017, Intel Corporation. All rights reserved.<BR>
+ Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -317,6 +317,10 @@ StrnCpyS (
{
UINTN SourceLen;
+ if (Length == 0) {
+ return RETURN_SUCCESS;
+ }
+
ASSERT (((UINTN) Destination & BIT0) == 0);
ASSERT (((UINTN) Source & BIT0) == 0);
@@ -515,6 +519,10 @@ StrnCatS (
UINTN CopyLen;
UINTN SourceLen;
+ if (Length == 0) {
+ return RETURN_SUCCESS;
+ }
+
ASSERT (((UINTN) Destination & BIT0) == 0);
ASSERT (((UINTN) Source & BIT0) == 0);
@@ -1894,6 +1902,10 @@ AsciiStrnCpyS (
{
UINTN SourceLen;
+ if (Length == 0) {
+ return RETURN_SUCCESS;
+ }
+
//
// 1. Neither Destination nor Source shall be a null pointer.
//
@@ -2082,6 +2094,10 @@ AsciiStrnCatS (
UINTN CopyLen;
UINTN SourceLen;
+ if (Length == 0) {
+ return RETURN_SUCCESS;
+ }
+
//
// Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, DestMax) upon entry to AsciiStrnCatS.
//
--
2.16.1.windows.1
next reply other threads:[~2018-02-02 10:42 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-02-02 10:47 Ruiyu Ni [this message]
2018-02-02 13:42 ` [PATCH] MdePkg/SafeString: Directly return when length of source string is 0 Laszlo Ersek
2018-02-05 3:55 ` Yao, Jiewen
2018-02-05 8:04 ` Ni, Ruiyu
2018-02-05 1:23 ` Wang, Jian J
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180202104753.94568-1-ruiyu.ni@intel.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox