From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from linux.microsoft.com (linux.microsoft.com [13.77.154.182])
 by mx.groups.io with SMTP id smtpd.web11.10574.1679697071185395280
 for <devel@edk2.groups.io>;
 Fri, 24 Mar 2023 15:31:11 -0700
Authentication-Results: mx.groups.io;
 dkim=fail reason="body hash did not verify" header.i=@linux.microsoft.com header.s=default header.b=ECuAUrcU;
 spf=pass (domain: linux.microsoft.com, ip: 13.77.154.182, mailfrom: mikuback@linux.microsoft.com)
Received: from localhost.localdomain (unknown [47.201.8.94])
	by linux.microsoft.com (Postfix) with ESMTPSA id 1B8CB20FC4D5;
	Fri, 24 Mar 2023 15:31:10 -0700 (PDT)
DKIM-Filter: OpenDKIM Filter v2.11.0 linux.microsoft.com 1B8CB20FC4D5
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=linux.microsoft.com;
	s=default; t=1679697070;
	bh=e1Bpg7SRa5WkncZaxWHpEWXCO4LENQyeCqYALVUAFxA=;
	h=From:To:Cc:Subject:Date:In-Reply-To:References:From;
	b=ECuAUrcUKU6CbNC/n9ctBUEWJUonPOtg1h+P3fErQmSs8sOJrZFfovdF3C33w6W9R
	 bUcmJEADtsqEdMPC9VuaLMMm92k9u9AXdtqpvUr3bUkWsGTnnaYB8pPu7hrpDNwdyK
	 FXOYHJCULPkJG49EPkDebBEmDNlRhdRwvNdKyI+4=
From: "Michael Kubacki" <mikuback@linux.microsoft.com>
To: devel@edk2.groups.io
Cc: Erich McMillan <emcmillan@microsoft.com>,
	Liming Gao <gaoliming@byosoft.com.cn>,
	Michael D Kinney <michael.d.kinney@intel.com>,
	Michael Kubacki <mikuback@linux.microsoft.com>,
	Zhiguang Liu <zhiguang.liu@intel.com>
Subject: [PATCH v7 06/12] MdePkg: Fix conditionally uninitialized variables
Date: Fri, 24 Mar 2023 18:30:28 -0400
Message-Id: <20230324223034.1560-7-mikuback@linux.microsoft.com>
X-Mailer: git-send-email 2.40.0.windows.1
In-Reply-To: <20230324223034.1560-1-mikuback@linux.microsoft.com>
References: <20230324223034.1560-1-mikuback@linux.microsoft.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

From: Michael Kubacki <michael.kubacki@microsoft.com>

Fixes CodeQL alerts for CWE-457:
https://cwe.mitre.org/data/definitions/457.html

Note that this change affects the actual return value from the
following functions. The functions documented that if an integer
overflow occurred, MAX_UINTN would be returned. They were
implemented to actually return an undefined value from the stack.

This change makes the function follow its description. However, this
is technically different than what callers may have previously
expected.

MdePkg/Library/BaseLib/String.c:
  - StrDecimalToUintn()
  - StrDecimalToUint64()
  - StrHexToUintn()
  - StrHexToUint64()
  - AsciiStrDecimalToUintn()
  - AsciiStrDecimalToUint64()
  - AsciiStrHexToUintn()
  - AsciiStrHexToUint64()

Cc: Erich McMillan <emcmillan@microsoft.com>
Cc: Liming Gao <gaoliming@byosoft.com.cn>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Michael Kubacki <mikuback@linux.microsoft.com>
Cc: Zhiguang Liu <zhiguang.liu@intel.com>
Co-authored-by: Erich McMillan <emcmillan@microsoft.com>
Signed-off-by: Michael Kubacki <michael.kubacki@microsoft.com>
Reviewed-by: Liming Gao <gaoliming@byosoft.com.cn>
---
 MdePkg/Library/BaseLib/String.c | 40 ++++++++++++++++----
 1 file changed, 32 insertions(+), 8 deletions(-)

diff --git a/MdePkg/Library/BaseLib/String.c b/MdePkg/Library/BaseLib/Str=
ing.c
index 98e6d31463e0..637c96e7b31b 100644
--- a/MdePkg/Library/BaseLib/String.c
+++ b/MdePkg/Library/BaseLib/String.c
@@ -408,7 +408,10 @@ StrDecimalToUintn (
 {
   UINTN  Result;
=20
-  StrDecimalToUintnS (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrDecimalToUintnS (String, (CHAR16 **)NULL, &Result=
))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -454,7 +457,10 @@ StrDecimalToUint64 (
 {
   UINT64  Result;
=20
-  StrDecimalToUint64S (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrDecimalToUint64S (String, (CHAR16 **)NULL, &Resul=
t))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -501,7 +507,10 @@ StrHexToUintn (
 {
   UINTN  Result;
=20
-  StrHexToUintnS (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrHexToUintnS (String, (CHAR16 **)NULL, &Result))) =
{
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -548,7 +557,10 @@ StrHexToUint64 (
 {
   UINT64  Result;
=20
-  StrHexToUint64S (String, (CHAR16 **)NULL, &Result);
+  if (RETURN_ERROR (StrHexToUint64S (String, (CHAR16 **)NULL, &Result)))=
 {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -989,7 +1001,10 @@ AsciiStrDecimalToUintn (
 {
   UINTN  Result;
=20
-  AsciiStrDecimalToUintnS (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrDecimalToUintnS (String, (CHAR8 **)NULL, &Re=
sult))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -1031,7 +1046,10 @@ AsciiStrDecimalToUint64 (
 {
   UINT64  Result;
=20
-  AsciiStrDecimalToUint64S (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrDecimalToUint64S (String, (CHAR8 **)NULL, &R=
esult))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
@@ -1077,7 +1095,10 @@ AsciiStrHexToUintn (
 {
   UINTN  Result;
=20
-  AsciiStrHexToUintnS (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrHexToUintnS (String, (CHAR8 **)NULL, &Result=
))) {
+    return MAX_UINTN;
+  }
+
   return Result;
 }
=20
@@ -1123,7 +1144,10 @@ AsciiStrHexToUint64 (
 {
   UINT64  Result;
=20
-  AsciiStrHexToUint64S (String, (CHAR8 **)NULL, &Result);
+  if (RETURN_ERROR (AsciiStrHexToUint64S (String, (CHAR8 **)NULL, &Resul=
t))) {
+    return MAX_UINT64;
+  }
+
   return Result;
 }
=20
--=20
2.40.0.windows.1