From: Zhaozh1x
To: edk2-devel@lists.01.org
Cc: Zhaozh1x, Liming Gao, Yonghong Zhu, Bob Feng
Date: Wed, 12 Sep 2018 16:46:40 +0800
Message-Id: <20180912084640.20852-1-zhiqiangx.zhao@intel.com>
Subject: [PATCH V2] BaseTools: Check the array index and the array size of structure PCD.

V2:
1. Add comments for each ASSERT.
2. ASSERT needs to skip the case of array size of array as zero.
   For example, TestArray[] in struct in header file.

V1:
For structure PCD,
1. Use compiler time assert to check the array index, report error if the buffer overflow happens.
2. Use compiler time assert to check the array size, report error if the user declared size in header file is smaller than the user defined in DEC/DSC file.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: ZhiqiangX Zhao Cc: Liming Gao Cc: Yonghong Zhu Cc: Bob Feng --- BaseTools/Source/C/Common/PcdValueCommon.h | 7 +++++++ BaseTools/Source/Python/Workspace/DscBuildData.py | 8 ++++++++ 2 files changed, 15 insertions(+) diff --git a/BaseTools/Source/C/Common/PcdValueCommon.h b/BaseTools/Source/C/Common/PcdValueCommon.h index 3922428ded..255afdfcc3 100644 --- a/BaseTools/Source/C/Common/PcdValueCommon.h +++ b/BaseTools/Source/C/Common/PcdValueCommon.h @@ -22,6 +22,13 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #define __ARRAY_ELEMENT_SIZE(TYPE, Field) (sizeof((TYPE *)0)->Field[0]) #define __OFFSET_OF(TYPE, Field) ((UINT32) &(((TYPE *)0)->Field)) #define __FLEXIBLE_SIZE(Size, TYPE, Field, MaxIndex) if (__FIELD_SIZE(TYPE, Field) == 0) Size = MAX((__OFFSET_OF(TYPE, Field) + __ARRAY_ELEMENT_SIZE(TYPE, Field) * (MaxIndex)), Size) +#define __ARRAY_SIZE(Array) (sizeof(Array)/sizeof(Array[0])) + +#if defined(_MSC_EXTENSIONS) +#define __STATIC_ASSERT static_assert +#else +#define __STATIC_ASSERT _Static_assert +#endif VOID PcdEntryPoint ( diff --git a/BaseTools/Source/Python/Workspace/DscBuildData.py b/BaseTools/Source/Python/Workspace/DscBuildData.py index 88ba415c5a..9c4da91151 100644 --- a/BaseTools/Source/Python/Workspace/DscBuildData.py +++ b/BaseTools/Source/Python/Workspace/DscBuildData.py 
@@ -1773,8 +1773,12 @@ class DscBuildData(PlatformBuildClassObject): # CApp = CApp + ' FieldSize = __FIELD_SIZE(%s, %s);\n' % (Pcd.DatumType, FieldName) CApp = CApp + ' Value = %s; // From %s Line %d Value %s\n' % (DscBuildData.IntToCString(Value, ValueSize), FieldList[FieldName][1], FieldList[FieldName][2], FieldList[FieldName][0]) + CApp = CApp + ' __STATIC_ASSERT((__FIELD_SIZE(%s, %s) >= %d) || (__FIELD_SIZE(%s, %s) == 0), "Input buffer exceeds the buffer array"); // From %s Line %d Value %s\n' % (Pcd.DatumType, FieldName, ValueSize, Pcd.DatumType, FieldName, FieldList[FieldName][1], FieldList[FieldName][2], FieldList[FieldName][0]) CApp = CApp + ' memcpy (&Pcd->%s, Value, (FieldSize > 0 && FieldSize < %d) ? FieldSize : %d);\n' % (FieldName, ValueSize, ValueSize) else: + if '[' in FieldName and ']' in FieldName: + Index = int(FieldName.split('[')[1].split(']')[0]) + CApp = CApp + ' __STATIC_ASSERT((%d < __ARRAY_SIZE(Pcd->%s)) || (__ARRAY_SIZE(Pcd->%s) == 0), "array checker error"); // From %s Line %d Index of %s\n' % (Index, FieldName.split('[')[0], FieldName.split('[')[0], FieldList[FieldName][1], FieldList[FieldName][2], FieldName) if ValueSize > 4: CApp = CApp + ' Pcd->%s = %dULL; // From %s Line %d Value %s\n' % (FieldName, Value, FieldList[FieldName][1], FieldList[FieldName][2], FieldList[FieldName][0]) else: 
@@ -1852,8 +1856,12 @@ class DscBuildData(PlatformBuildClassObject): # CApp = CApp + ' FieldSize = __FIELD_SIZE(%s, %s);\n' % (Pcd.DatumType, FieldName) CApp = CApp + ' Value = %s; // From %s Line %d Value %s\n' % (DscBuildData.IntToCString(Value, ValueSize), FieldList[FieldName][1], FieldList[FieldName][2], FieldList[FieldName][0]) + CApp = CApp + ' __STATIC_ASSERT((__FIELD_SIZE(%s, %s) >= %d) || (__FIELD_SIZE(%s, %s) == 0), "Input buffer exceeds the buffer array"); // From %s Line %d Value %s\n' % (Pcd.DatumType, FieldName, ValueSize, Pcd.DatumType, FieldName, FieldList[FieldName][1], FieldList[FieldName][2], FieldList[FieldName][0]) CApp = CApp + ' memcpy (&Pcd->%s, Value, (FieldSize > 0 && FieldSize < %d) ? FieldSize : %d);\n' % (FieldName, ValueSize, ValueSize) else: + if '[' in FieldName and ']' in FieldName: + Index = int(FieldName.split('[')[1].split(']')[0]) + CApp = CApp + ' __STATIC_ASSERT((%d < __ARRAY_SIZE(Pcd->%s)) || (__ARRAY_SIZE(Pcd->%s) == 0), "array checker error"); // From %s Line %d Index of %s\n' % (Index, FieldName.split('[')[0], FieldName.split('[')[0], FieldList[FieldName][1], FieldList[FieldName][2], FieldName) if ValueSize > 4: CApp = CApp + ' Pcd->%s = %dULL; // From %s Line %d Value %s\n' % (FieldName, Value, FieldList[FieldName][1], FieldList[FieldName][2], FieldList[FieldName][0]) else: -- 2.14.1.windows.1
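
Review bot: In the PcdValueCommon.h hunk, the `#else` branch of the `__STATIC_ASSERT` definition assumes that every compiler which does not define `_MSC_EXTENSIONS` accepts the C11 keyword `_Static_assert`. A pre-C11 host compiler, or MSVC run with language extensions disabled, would then fail on the macro itself instead of on a bad PCD value, so either state the minimum toolchain next to the macro or add a fallback such as a negative-array-size typedef. The V2 notes say comments were added for each ASSERT, but neither new macro has one. `__ARRAY_SIZE` should also parenthesise its argument, `(sizeof(Array)/sizeof((Array)[0]))`, and say that it is only meaningful for a real array, since a pointer argument silently yields a wrong count.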
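
Review bot: In the first DscBuildData.py hunk (@@ -1773), `Index = int(FieldName.split('[')[1].split(']')[0])` handles only a single base-10 subscript. Any subscript text that `int()` cannot parse as decimal raises ValueError and ends the build with a Python traceback, and for a field name with more than one subscript only the first is read, while the assert is emitted against the text before the first '[', so later subscripts get no bounds check. Suggest collecting every subscript from the name, converting each with `int(text, 0)`, reporting an unparsable index as a normal build error that cites the DSC/DEC file and line already held in `FieldList[FieldName]`, and emitting one `__STATIC_ASSERT` per array level.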
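
Review bot: The second DscBuildData.py hunk (@@ -1852) repeats the two `__STATIC_ASSERT` lines and the index parsing from the @@ -1773 hunk verbatim, so a later fix to one copy has to be mirrored by hand in the other. Move the generation of both asserts into one helper that both sites call. The message of the index assert, "array checker error", also does not say which field or index failed. Since that string is what the user sees when the generated file stops compiling, put the field name and index into it, as the trailing `// From %s Line %d Index of %s` comment already does.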