From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by spool.mail.gandi.net (Postfix) with ESMTPS id 24BC8AC1ADD for ; Wed, 6 Sep 2023 12:05:28 +0000 (UTC) DKIM-Signature: a=rsa-sha256; bh=l02d2rHfVsgaOm8WFO6IYrIS1r79JQuIS+C41tbCsVg=; c=relaxed/simple; d=groups.io; h=MIME-Version:References:In-Reply-To:From:Date:Message-ID:Subject:To:Cc:Precedence:List-Subscribe:List-Help:Sender:List-Id:Mailing-List:Delivered-To:Reply-To:List-Unsubscribe-Post:List-Unsubscribe:Content-Type; s=20140610; t=1694001926; v=1; b=Pzds99dRpQ32MrJlaNq00St5fI7c/xVd84wPdUuAMUiNZq3nd04IiYlljGhQKqjLHAIGFYq0 944fDprSkIfCMYVQtlY5AKvZQoBNtjTO7/0UzdT523Xy7lHSkrdUT6uPeAgwkoYugtiw9AsiMTu fTTPwEUC3yY7zrOGWaeh4O3o= X-Received: by 127.0.0.2 with SMTP id piiYYY7687511xino3khMn5y; Wed, 06 Sep 2023 05:05:26 -0700 X-Received: from mail-wm1-f48.google.com (mail-wm1-f48.google.com [209.85.128.48]) by mx.groups.io with SMTP id smtpd.web11.6648.1694001925992914590 for ; Wed, 06 Sep 2023 05:05:26 -0700 X-Received: by mail-wm1-f48.google.com with SMTP id 5b1f17b1804b1-401d80f4ef8so35403525e9.1 for ; Wed, 06 Sep 2023 05:05:25 -0700 (PDT) X-Gm-Message-State: wSOeO5Wp6G5UN7GFnaE7GMC3x7686176AA= X-Google-Smtp-Source: AGHT+IE/bhcD7ncQ4MBvl48MqrY+vBdvlCjMmoFVwkR45r7DtIyUtsk1USkFaUBsNDo3ua1t8g+9mQYvsprTRhLKFyY= X-Received: by 2002:a5d:4f82:0:b0:317:731a:6702 with SMTP id d2-20020a5d4f82000000b00317731a6702mr2376866wru.19.1694001923812; Wed, 06 Sep 2023 05:05:23 -0700 (PDT) MIME-Version: 1.0 References: <20230906103338.3320-2-mjsbeaton@gmail.com> In-Reply-To: From: "Mike Beaton" Date: Wed, 6 Sep 2023 13:05:12 +0100 Message-ID: Subject: Re: [edk2-devel] [PATCH v3] MdeModulePkg/HiiDatabase: Fix incorrect AllocateCopyPool size To: devel@edk2.groups.io Cc: Eric Dong , Dandan Bi , Ard Biesheuvel Precedence: Bulk List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,mjsbeaton@gmail.com List-Unsubscribe-Post: List-Unsubscribe=One-Click List-Unsubscribe: Content-Type: text/plain; charset="UTF-8" X-GND-Status: LEGIT Authentication-Results: spool.mail.gandi.net; dkim=pass header.d=groups.io header.s=20140610 header.b=Pzds99dR; dmarc=fail reason="SPF not aligned (relaxed), DKIM not aligned (relaxed)" header.from=gmail.com (policy=none); spf=pass (spool.mail.gandi.net: domain of bounce@groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce@groups.io On Wed, 6 Sept 2023 at 12:55, Mike Beaton wrote: > > On Wed, 6 Sept 2023 at 11:34, Mike Beaton wrote: > > > > AsciiStrLen was one byte too short (though with alignment up from an odd size > > would probably always have had the required space in practice). AsciiStrSize > > matches usage elsewhere in this file and in the codebase. Have just realised that the severity is worse than implied in my current commit message, since not only are (potentially - though almost certainly not, in practice) too few bytes allocated, but definitely too few bytes are then copied, so the resulting string is only null terminated by the grace of the specific implementation, too. Could update to a v4 of this (small) patch with a commit message mentioning this? -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#108329): https://edk2.groups.io/g/devel/message/108329 Mute This Topic: https://groups.io/mt/101189764/7686176 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [rebecca@openfw.io] -=-=-=-=-=-=-=-=-=-=-=-