From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.43; helo=mga05.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org Received: from mga05.intel.com (mga05.intel.com [192.55.52.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 185E02239363B for ; Sun, 4 Feb 2018 17:17:45 -0800 (PST) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga008.jf.intel.com ([10.7.209.65]) by fmsmga105.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 04 Feb 2018 17:23:26 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,462,1511856000"; d="scan'208";a="15420146" Received: from fmsmsx104.amr.corp.intel.com ([10.18.124.202]) by orsmga008.jf.intel.com with ESMTP; 04 Feb 2018 17:23:25 -0800 Received: from fmsmsx119.amr.corp.intel.com (10.18.124.207) by fmsmsx104.amr.corp.intel.com (10.18.124.202) with Microsoft SMTP Server (TLS) id 14.3.319.2; Sun, 4 Feb 2018 17:23:25 -0800 Received: from shsmsx102.ccr.corp.intel.com (10.239.4.154) by FMSMSX119.amr.corp.intel.com (10.18.124.207) with Microsoft SMTP Server (TLS) id 14.3.319.2; Sun, 4 Feb 2018 17:23:25 -0800 Received: from shsmsx103.ccr.corp.intel.com ([169.254.4.116]) by shsmsx102.ccr.corp.intel.com ([169.254.2.124]) with mapi id 14.03.0319.002; Mon, 5 Feb 2018 09:23:23 +0800 From: "Wang, Jian J" To: "Ni, Ruiyu" , "edk2-devel@lists.01.org" CC: "Yao, Jiewen" , "Gao, Liming" Thread-Topic: [PATCH] MdePkg/SafeString: Directly return when length of source string is 0 Thread-Index: AQHTnBNKtNVf+v/PV0+FxCpwnmFiGaOVB49Q Date: Mon, 5 Feb 2018 01:23:23 +0000 Message-ID: References: <20180202104753.94568-1-ruiyu.ni@intel.com> In-Reply-To: <20180202104753.94568-1-ruiyu.ni@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-titus-metadata-40: eyJDYXRlZ29yeUxhYmVscyI6IiIsIk1ldGFkYXRhIjp7Im5zIjoiaHR0cDpcL1wvd3d3LnRpdHVzLmNvbVwvbnNcL0ludGVsMyIsImlkIjoiMzc3NDIwM2YtMjkwMC00MmM1LWFlYjEtYzc2M2NiM2YxMTNjIiwicHJvcHMiOlt7Im4iOiJDVFBDbGFzc2lmaWNhdGlvbiIsInZhbHMiOlt7InZhbHVlIjoiQ1RQX05UIn1dfV19LCJTdWJqZWN0TGFiZWxzIjpbXSwiVE1DVmVyc2lvbiI6IjE3LjIuNS4xOCIsIlRydXN0ZWRMYWJlbEhhc2giOiJDQzRlU2xHV2IzXC8rM1RrcEJSMG1uT0dSR1ZlZWRrNkxZSG9JWW9cL1FwT0dFUldTYXprelF2YlwvVG1WWGFkMVFEIn0= x-ctpclassification: CTP_NT dlp-product: dlpe-windows dlp-version: 11.0.0.116 dlp-reaction: no-action x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [PATCH] MdePkg/SafeString: Directly return when length of source string is 0 X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 05 Feb 2018 01:17:46 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Reviewed-by: Jian J Wang > -----Original Message----- > From: Ni, Ruiyu > Sent: Friday, February 02, 2018 6:48 PM > To: edk2-devel@lists.01.org > Cc: Yao, Jiewen ; Gao, Liming ; > Wang, Jian J > Subject: [PATCH] MdePkg/SafeString: Directly return when length of source > string is 0 >=20 > Today's implementation of [Ascii]StrnCpyS/[Ascii]StrnCatS doesn't > directly return the the length of source string is 0. >=20 > When length of source string is 0, it means the Source points to > a memory that shouldn't be deferenced at all. > So it's not proper to call StrnLenS() in such situation. > In a pool guard enabled environment, when using shell to edit an > existing file which contains empty line, the page fault is met. >=20 > The patch fixes the four library functions to align to the behavior > of non-safe version: directly return when length of source string > is 0. >=20 > Contributed-under: TianoCore Contribution Agreement 1.1 > Signed-off-by: Ruiyu Ni > Cc: Jiewen Yao > Cc: Liming Gao > Cc: Jian J Wang > --- > MdePkg/Library/BaseLib/SafeString.c | 18 +++++++++++++++++- > 1 file changed, 17 insertions(+), 1 deletion(-) >=20 > diff --git a/MdePkg/Library/BaseLib/SafeString.c > b/MdePkg/Library/BaseLib/SafeString.c > index 68c33e9b7b..fed818ef33 100644 > --- a/MdePkg/Library/BaseLib/SafeString.c > +++ b/MdePkg/Library/BaseLib/SafeString.c > @@ -1,7 +1,7 @@ > /** @file > Safe String functions. >=20 > - Copyright (c) 2014 - 2017, Intel Corporation. All rights reserved.
> + Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the = BSD > License > which accompanies this distribution. The full text of the license may= be found > at > @@ -317,6 +317,10 @@ StrnCpyS ( > { > UINTN SourceLen; >=20 > + if (Length =3D=3D 0) { > + return RETURN_SUCCESS; > + } > + > ASSERT (((UINTN) Destination & BIT0) =3D=3D 0); > ASSERT (((UINTN) Source & BIT0) =3D=3D 0); >=20 > @@ -515,6 +519,10 @@ StrnCatS ( > UINTN CopyLen; > UINTN SourceLen; >=20 > + if (Length =3D=3D 0) { > + return RETURN_SUCCESS; > + } > + > ASSERT (((UINTN) Destination & BIT0) =3D=3D 0); > ASSERT (((UINTN) Source & BIT0) =3D=3D 0); >=20 > @@ -1894,6 +1902,10 @@ AsciiStrnCpyS ( > { > UINTN SourceLen; >=20 > + if (Length =3D=3D 0) { > + return RETURN_SUCCESS; > + } > + > // > // 1. Neither Destination nor Source shall be a null pointer. > // > @@ -2082,6 +2094,10 @@ AsciiStrnCatS ( > UINTN CopyLen; > UINTN SourceLen; >=20 > + if (Length =3D=3D 0) { > + return RETURN_SUCCESS; > + } > + > // > // Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, > DestMax) upon entry to AsciiStrnCatS. > // > -- > 2.16.1.windows.1