From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 1224E81F08 for ; Thu, 8 Dec 2016 23:13:14 -0800 (PST) Received: from fmsmga004.fm.intel.com ([10.253.24.48]) by orsmga104.jf.intel.com with ESMTP; 08 Dec 2016 23:13:13 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.33,323,1477983600"; d="scan'208";a="200733048" Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203]) by fmsmga004.fm.intel.com with ESMTP; 08 Dec 2016 23:13:13 -0800 Received: from fmsmsx153.amr.corp.intel.com (10.18.125.6) by FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS) id 14.3.248.2; Thu, 8 Dec 2016 23:13:13 -0800 Received: from shsmsx102.ccr.corp.intel.com (10.239.4.154) by FMSMSX153.amr.corp.intel.com (10.18.125.6) with Microsoft SMTP Server (TLS) id 14.3.248.2; Thu, 8 Dec 2016 23:13:12 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.17]) by shsmsx102.ccr.corp.intel.com ([169.254.2.37]) with mapi id 14.03.0248.002; Fri, 9 Dec 2016 15:13:09 +0800 From: "Wu, Jiaxin" To: "Wu, Hao A" , "edk2-devel@lists.01.org" CC: "Yao, Jiewen" , "Gao, Liming" , "Kinney, Michael D" Thread-Topic: [PATCH] MdePkg/BaseLib: Enhance the return value for string to uint functions Thread-Index: AQHSURmB5oOMQIi09kGT5zLYziqyB6D/NSUQ Date: Fri, 9 Dec 2016 07:13:08 +0000 Message-ID: <895558F6EA4E3B41AC93A00D163B7274138C09E5@SHSMSX103.ccr.corp.intel.com> References: <1481177297-24044-1-git-send-email-hao.a.wu@intel.com> In-Reply-To: <1481177297-24044-1-git-send-email-hao.a.wu@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiYTU2ZjIyMTMtZTQxYy00YWQ0LTllMWItYzA1MGM5MzFlY2NiIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX0lDIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE1LjkuNi42IiwiVHJ1c3RlZExhYmVsSGFzaCI6IkE4dm4zYkYyUEV2MWNEZkZoZnJGM2xmaGRBZWxVdjNOOEdWRk92Smp2SjQ9In0= x-ctpclassification: CTP_IC x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] MdePkg/BaseLib: Enhance the return value for string to uint functions X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 09 Dec 2016 07:13:14 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Wu Jiaxin > -----Original Message----- > From: Wu, Hao A > Sent: Thursday, December 8, 2016 2:08 PM > To: edk2-devel@lists.01.org > Cc: Wu, Hao A ; Yao, Jiewen ; > Wu, Jiaxin ; Gao, Liming ; > Kinney, Michael D > Subject: [PATCH] MdePkg/BaseLib: Enhance the return value for string to > uint functions >=20 > For the following APIs in MdePkg/BaseLib: > AsciiStrDecimalToUintn > AsciiStrDecimalToUint64 > AsciiStrHexToUintn > AsciiStrHexToUint64 > StrDecimalToUintn > StrDecimalToUint64 > StrHexToUintn > StrHexToUint64 >=20 > They will ASSERT for DEBUG build when the input string exceeds the range = of > UINTN/UINT64. However, for RELEASE build, incorrect value will be returne= d. >=20 > This commit removes those exceed-range ASSERT checks and makes those > APIs to return MAX_UINTN/MAX_UINT64 instead. >=20 > Cc: Jiewen Yao > Cc: Jiaxin Wu > Cc: Liming Gao > Cc: Michael D Kinney > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Hao Wu > --- > MdePkg/Include/Library/BaseLib.h | 20 ++++++------ > MdePkg/Library/BaseLib/String.c | 70 ++++++++++++++++++++++++-------- > -------- > 2 files changed, 53 insertions(+), 37 deletions(-) >=20 > diff --git a/MdePkg/Include/Library/BaseLib.h > b/MdePkg/Include/Library/BaseLib.h > index b69c703..d89d1ec 100644 > --- a/MdePkg/Include/Library/BaseLib.h > +++ b/MdePkg/Include/Library/BaseLib.h > @@ -879,7 +879,7 @@ StrStr ( > If String has no pad spaces or valid decimal digits, > then 0 is returned. > If the number represented by String overflows according > - to the range defined by UINTN, then ASSERT(). > + to the range defined by UINTN, then MAX_UINTN is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains > more than PcdMaximumUnicodeStringLength Unicode characters not > including @@ -919,7 +919,7 @@ StrDecimalToUintn ( > If String has no pad spaces or valid decimal digits, > then 0 is returned. > If the number represented by String overflows according > - to the range defined by UINT64, then ASSERT(). > + to the range defined by UINT64, then MAX_UINT64 is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains > more than PcdMaximumUnicodeStringLength Unicode characters not > including @@ -961,7 +961,7 @@ StrDecimalToUint64 ( > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then zero is returned. > If the number represented by String overflows according to the range > defined by > - UINTN, then ASSERT(). > + UINTN, then MAX_UINTN is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains more > than > PcdMaximumUnicodeStringLength Unicode characters not including the > Null-terminator, @@ -1003,7 +1003,7 @@ StrHexToUintn ( > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then zero is returned. > If the number represented by String overflows according to the range > defined by > - UINT64, then ASSERT(). > + UINT64, then MAX_UINT64 is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains more > than > PcdMaximumUnicodeStringLength Unicode characters not including the > Null-terminator, @@ -1481,7 +1481,7 @@ AsciiStrStr ( > If String has only pad spaces, then 0 is returned. > If String has no pad spaces or valid decimal digits, then 0 is returne= d. > If the number represented by String overflows according to the range > defined by > - UINTN, then ASSERT(). > + UINTN, then MAX_UINTN is returned. > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, and String contains more t= han > PcdMaximumAsciiStringLength ASCII characters not including the Null- > terminator, @@ -1518,7 +1518,7 @@ AsciiStrDecimalToUintn ( > If String has only pad spaces, then 0 is returned. > If String has no pad spaces or valid decimal digits, then 0 is returne= d. > If the number represented by String overflows according to the range > defined by > - UINT64, then ASSERT(). > + UINT64, then MAX_UINT64 is returned. > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, and String contains more t= han > PcdMaximumAsciiStringLength ASCII characters not including the Null- > terminator, @@ -1557,9 +1557,9 @@ AsciiStrDecimalToUint64 ( > If String has only pad spaces, then 0 is returned. > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then > 0 is returned. > - > If the number represented by String overflows according to the range > defined by UINTN, > - then ASSERT(). > + then MAX_UINTN is returned. > + > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, > and String contains more than PcdMaximumAsciiStringLength ASCII > characters not including @@ -1598,9 +1598,9 @@ AsciiStrHexToUintn ( > If String has only pad spaces, then 0 is returned. > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then > 0 is returned. > - > If the number represented by String overflows according to the range > defined by UINT64, > - then ASSERT(). > + then MAX_UINT64 is returned. > + > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, > and String contains more than PcdMaximumAsciiStringLength ASCII > characters not including diff --git a/MdePkg/Library/BaseLib/String.c > b/MdePkg/Library/BaseLib/String.c index 25962f8..efcfdfe 100644 > --- a/MdePkg/Library/BaseLib/String.c > +++ b/MdePkg/Library/BaseLib/String.c > @@ -1,7 +1,7 @@ > /** @file > Unicode and ASCII string primitives. >=20 > - Copyright (c) 2006 - 2014, Intel Corporation. All rights reserved.
> + Copyright (c) 2006 - 2016, Intel Corporation. All rights > + reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the = BSD > License > which accompanies this distribution. The full text of the license may= be > found at @@ -637,7 +637,7 @@ InternalIsHexaDecimalDigitCharacter ( > If String has no pad spaces or valid decimal digits, > then 0 is returned. > If the number represented by String overflows according > - to the range defined by UINTN, then ASSERT(). > + to the range defined by UINTN, then MAX_UINTN is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains > more than PcdMaximumUnicodeStringLength Unicode characters, not > including @@ -681,9 +681,11 @@ StrDecimalToUintn ( > while (InternalIsDecimalDigitCharacter (*String)) { > // > // If the number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINTN, then MAX_UINTN is returned. > // > - ASSERT (Result <=3D ((((UINTN) ~0) - (*String - L'0')) / 10)); > + if (Result > ((MAX_UINTN - (*String - L'0')) / 10)) { > + return MAX_UINTN; > + } >=20 > Result =3D Result * 10 + (*String - L'0'); > String++; > @@ -716,7 +718,7 @@ StrDecimalToUintn ( > If String has no pad spaces or valid decimal digits, > then 0 is returned. > If the number represented by String overflows according > - to the range defined by UINT64, then ASSERT(). > + to the range defined by UINT64, then MAX_UINT64 is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains > more than PcdMaximumUnicodeStringLength Unicode characters, not > including @@ -760,9 +762,11 @@ StrDecimalToUint64 ( > while (InternalIsDecimalDigitCharacter (*String)) { > // > // If the number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINT64, then MAX_UINT64 is returned. > // > - ASSERT (Result <=3D DivU64x32 (((UINT64) ~0) - (*String - L'0') , 10= )); > + if (Result > DivU64x32 (MAX_UINT64 - (*String - L'0'), 10)) { > + return MAX_UINT64; > + } >=20 > Result =3D MultU64x32 (Result, 10) + (*String - L'0'); > String++; > @@ -795,7 +799,7 @@ StrDecimalToUint64 ( > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then zero is returned. > If the number represented by String overflows according to the range > defined by > - UINTN, then ASSERT(). > + UINTN, then MAX_UINTN is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains more > than > PcdMaximumUnicodeStringLength Unicode characters, not including the > Null-terminator, @@ -849,9 +853,11 @@ StrHexToUintn ( > while (InternalIsHexaDecimalDigitCharacter (*String)) { > // > // If the Hex Number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINTN, then MAX_UINTN is returned. > // > - ASSERT (Result <=3D ((((UINTN) ~0) - InternalHexCharToUintn (*String= )) >> > 4)); > + if (Result > ((MAX_UINTN - InternalHexCharToUintn (*String)) >> 4)) = { > + return MAX_UINTN; > + } >=20 > Result =3D (Result << 4) + InternalHexCharToUintn (*String); > String++; > @@ -885,7 +891,7 @@ StrHexToUintn ( > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then zero is returned. > If the number represented by String overflows according to the range > defined by > - UINT64, then ASSERT(). > + UINT64, then MAX_UINT64 is returned. >=20 > If PcdMaximumUnicodeStringLength is not zero, and String contains more > than > PcdMaximumUnicodeStringLength Unicode characters, not including the > Null-terminator, @@ -940,9 +946,11 @@ StrHexToUint64 ( > while (InternalIsHexaDecimalDigitCharacter (*String)) { > // > // If the Hex Number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINT64, then MAX_UINT64 is returned. > // > - ASSERT (Result <=3D RShiftU64 (((UINT64) ~0) - InternalHexCharToUint= n > (*String) , 4)); > + if (Result > RShiftU64 (MAX_UINT64 - InternalHexCharToUintn (*String= ), > 4)) { > + return MAX_UINT64; > + } >=20 > Result =3D LShiftU64 (Result, 4); > Result =3D Result + InternalHexCharToUintn (*String); @@ -1679,7 +16= 87,7 > @@ AsciiStrStr ( > If String has only pad spaces, then 0 is returned. > If String has no pad spaces or valid decimal digits, then 0 is returne= d. > If the number represented by String overflows according to the range > defined by > - UINTN, then ASSERT(). > + UINTN, then MAX_UINTN is returned. > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, and String contains more t= han > PcdMaximumAsciiStringLength ASCII characters not including the Null- > terminator, @@ -1722,9 +1730,11 @@ AsciiStrDecimalToUintn ( > while (InternalAsciiIsDecimalDigitCharacter (*String)) { > // > // If the number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINTN, then MAX_UINTN is returned. > // > - ASSERT (Result <=3D ((((UINTN) ~0) - (*String - L'0')) / 10)); > + if (Result > ((MAX_UINTN - (*String - '0')) / 10)) { > + return MAX_UINTN; > + } >=20 > Result =3D Result * 10 + (*String - '0'); > String++; > @@ -1753,7 +1763,7 @@ AsciiStrDecimalToUintn ( > If String has only pad spaces, then 0 is returned. > If String has no pad spaces or valid decimal digits, then 0 is returne= d. > If the number represented by String overflows according to the range > defined by > - UINT64, then ASSERT(). > + UINT64, then MAX_UINT64 is returned. > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, and String contains more t= han > PcdMaximumAsciiStringLength ASCII characters not including the Null- > terminator, @@ -1796,9 +1806,11 @@ AsciiStrDecimalToUint64 ( > while (InternalAsciiIsDecimalDigitCharacter (*String)) { > // > // If the number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINT64, then MAX_UINT64 is returned. > // > - ASSERT (Result <=3D DivU64x32 (((UINT64) ~0) - (*String - L'0') , 10= )); > + if (Result > DivU64x32 (MAX_UINT64 - (*String - '0'), 10)) { > + return MAX_UINT64; > + } >=20 > Result =3D MultU64x32 (Result, 10) + (*String - '0'); > String++; > @@ -1828,9 +1840,9 @@ AsciiStrDecimalToUint64 ( > If String has only pad spaces, then 0 is returned. > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then > 0 is returned. > - > If the number represented by String overflows according to the range > defined by UINTN, > - then ASSERT(). > + then MAX_UINTN is returned. > + > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, > and String contains more than PcdMaximumAsciiStringLength ASCII > characters not including @@ -1884,9 +1896,11 @@ AsciiStrHexToUintn ( > while (InternalAsciiIsHexaDecimalDigitCharacter (*String)) { > // > // If the Hex Number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINTN, then MAX_UINTN is returned. > // > - ASSERT (Result <=3D ((((UINTN) ~0) - InternalHexCharToUintn (*String= )) >> > 4)); > + if (Result > ((MAX_UINTN - InternalHexCharToUintn (*String)) >> 4)) = { > + return MAX_UINTN; > + } >=20 > Result =3D (Result << 4) + InternalAsciiHexCharToUintn (*String); > String++; > @@ -1917,9 +1931,9 @@ AsciiStrHexToUintn ( > If String has only pad spaces, then 0 is returned. > If String has no leading pad spaces, leading zeros or valid hexadecima= l digits, > then > 0 is returned. > - > If the number represented by String overflows according to the range > defined by UINT64, > - then ASSERT(). > + then MAX_UINT64 is returned. > + > If String is NULL, then ASSERT(). > If PcdMaximumAsciiStringLength is not zero, > and String contains more than PcdMaximumAsciiStringLength ASCII > characters not including @@ -1976,9 +1990,11 @@ AsciiStrHexToUint64 ( > while (InternalAsciiIsHexaDecimalDigitCharacter (*String)) { > // > // If the Hex Number represented by String overflows according > - // to the range defined by UINTN, then ASSERT(). > + // to the range defined by UINT64, then MAX_UINT64 is returned. > // > - ASSERT (Result <=3D RShiftU64 (((UINT64) ~0) - InternalHexCharToUint= n > (*String) , 4)); > + if (Result > RShiftU64 (MAX_UINT64 - InternalHexCharToUintn (*String= ), > 4)) { > + return MAX_UINT64; > + } >=20 > Result =3D LShiftU64 (Result, 4); > Result =3D Result + InternalAsciiHexCharToUintn (*String); > -- > 1.9.5.msysgit.0