From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <jian.j.wang@intel.com>
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=192.55.52.88; helo=mga01.intel.com;
 envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org 
Received: from mga01.intel.com (mga01.intel.com [192.55.52.88])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id CDD812034B41B
 for <edk2-devel@lists.01.org>; Tue, 26 Dec 2017 18:09:17 -0800 (PST)
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
Received: from fmsmga007.fm.intel.com ([10.253.24.52])
 by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 26 Dec 2017 18:14:12 -0800
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.45,462,1508828400"; 
   d="scan'208";a="5255608"
Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203])
 by fmsmga007.fm.intel.com with ESMTP; 26 Dec 2017 18:14:12 -0800
Received: from fmsmsx155.amr.corp.intel.com (10.18.116.71) by
 FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Tue, 26 Dec 2017 18:14:11 -0800
Received: from shsmsx101.ccr.corp.intel.com (10.239.4.153) by
 FMSMSX155.amr.corp.intel.com (10.18.116.71) with Microsoft SMTP Server (TLS)
 id 14.3.319.2; Tue, 26 Dec 2017 18:14:11 -0800
Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.213]) by
 SHSMSX101.ccr.corp.intel.com ([169.254.1.159]) with mapi id 14.03.0319.002;
 Wed, 27 Dec 2017 10:14:09 +0800
From: "Wang, Jian J" <jian.j.wang@intel.com>
To: "Wang, Jian J" <jian.j.wang@intel.com>, "edk2-devel@lists.01.org"
 <edk2-devel@lists.01.org>
CC: "Kinney, Michael D" <michael.d.kinney@intel.com>, "Yao, Jiewen"
 <jiewen.yao@intel.com>, "Zeng, Star" <star.zeng@intel.com>, "Gao, Liming"
 <liming.gao@intel.com>
Thread-Topic: [edk2] [PATCH] MdePkg/BasePrintLib: Fix incorrect Precision
 position calculation
Thread-Index: AQHTfSVj1FRHdxIRVUizEXTJjKZQf6NWdgFQ
Date: Wed, 27 Dec 2017 02:14:09 +0000
Message-ID: <D827630B58408649ACB04F44C510003624CC506B@SHSMSX103.ccr.corp.intel.com>
References: <20171225020847.14076-1-jian.j.wang@intel.com>
In-Reply-To: <20171225020847.14076-1-jian.j.wang@intel.com>
Accept-Language: en-US
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiZGJkZTBmNGYtMDdlNi00Y2ViLThkZDgtZmUwOTFmMjkwNGViIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiJOTEZwSmE4dWRBb0dcL1ltS0ROb2w3YStkTXdvUDh1RlhFT2d4cUFlKys2RVpDN0t2Zkx4NmhcL0s0cnZGS1g0Z3AifQ==
x-ctpclassification: CTP_NT
dlp-product: dlpe-windows
dlp-version: 11.0.0.116
dlp-reaction: no-action
x-originating-ip: [10.239.127.40]
MIME-Version: 1.0
Subject: Re: [PATCH] MdePkg/BasePrintLib: Fix incorrect Precision position calculation
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
X-List-Received-Date: Wed, 27 Dec 2017 02:09:18 -0000
Content-Language: en-US
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

Mike and Liming,

Could you take a look at this patch?

Regards,
Jian


> -----Original Message-----
> From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Ji=
an J
> Wang
> Sent: Monday, December 25, 2017 10:09 AM
> To: edk2-devel@lists.01.org
> Cc: Kinney, Michael D <michael.d.kinney@intel.com>; Yao, Jiewen
> <jiewen.yao@intel.com>; Zeng, Star <star.zeng@intel.com>; Gao, Liming
> <liming.gao@intel.com>
> Subject: [edk2] [PATCH] MdePkg/BasePrintLib: Fix incorrect Precision posi=
tion
> calculation
>=20
> Due to the a potential hole in the stop condition of for-loop, the two
> continuous access to ArgumentString (index, index+1) inside the loop
> might cause the string ending character ('\0') to be read.
>=20
> Cc: Michael D Kinney <michael.d.kinney@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Cc: Jiewen Yao <jiewen.yao@intel.com>
> Cc: Star Zeng <star.zeng@intel.com>
> Contributed-under: TianoCore Contribution Agreement 1.1
> Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
> ---
>  MdePkg/Library/BasePrintLib/PrintLibInternal.c | 5 ++++-
>  1 file changed, 4 insertions(+), 1 deletion(-)
>=20
> diff --git a/MdePkg/Library/BasePrintLib/PrintLibInternal.c
> b/MdePkg/Library/BasePrintLib/PrintLibInternal.c
> index 28d946472f..297d5a05b5 100644
> --- a/MdePkg/Library/BasePrintLib/PrintLibInternal.c
> +++ b/MdePkg/Library/BasePrintLib/PrintLibInternal.c
> @@ -1107,7 +1107,10 @@ BasePrintLibSPrintMarker (
>        // Compute the number of characters in ArgumentString and store it=
 in
> Count
>        // ArgumentString is either null-terminated, or it contains Precis=
ion
> characters
>        //
> -      for (Count =3D 0; Count < Precision || ((Flags & PRECISION) =3D=3D=
 0); Count++) {
> +      for (Count =3D 0;
> +            ArgumentString[Count * BytesPerArgumentCharacter] !=3D '\0' =
&&
> +            (Count < Precision || ((Flags & PRECISION) =3D=3D 0));
> +              Count++) {
>          ArgumentCharacter =3D ((ArgumentString[Count *
> BytesPerArgumentCharacter] & 0xff) | ((ArgumentString[Count *
> BytesPerArgumentCharacter + 1]) << 8)) & ArgumentMask;
>          if (ArgumentCharacter =3D=3D 0) {
>            break;
> --
> 2.15.1.windows.2
>=20
> _______________________________________________
> edk2-devel mailing list
> edk2-devel@lists.01.org
> https://lists.01.org/mailman/listinfo/edk2-devel