From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga06.intel.com (mga06.intel.com [134.134.136.31]) by mx.groups.io with SMTP id smtpd.web10.372.1578335300885589763 for ; Mon, 06 Jan 2020 10:28:21 -0800 Authentication-Results: mx.groups.io; dkim=missing; spf=pass (domain: intel.com, ip: 134.134.136.31, mailfrom: michael.d.kinney@intel.com) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from orsmga002.jf.intel.com ([10.7.209.21]) by orsmga104.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 06 Jan 2020 10:28:20 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.69,403,1571727600"; d="scan'208";a="232906583" Received: from orsmsx101.amr.corp.intel.com ([10.22.225.128]) by orsmga002.jf.intel.com with ESMTP; 06 Jan 2020 10:28:20 -0800 Received: from orsmsx154.amr.corp.intel.com (10.22.226.12) by ORSMSX101.amr.corp.intel.com (10.22.225.128) with Microsoft SMTP Server (TLS) id 14.3.439.0; Mon, 6 Jan 2020 10:28:19 -0800 Received: from orsmsx113.amr.corp.intel.com ([169.254.9.100]) by ORSMSX154.amr.corp.intel.com ([169.254.11.210]) with mapi id 14.03.0439.000; Mon, 6 Jan 2020 10:28:19 -0800 From: "Michael D Kinney" To: "devel@edk2.groups.io" , "vit9696@protonmail.com" , "Kinney, Michael D" Subject: Re: [edk2-devel] [PATCH v3 0/1] Add PCD to disable safe string constraint assertions Thread-Topic: [edk2-devel] [PATCH v3 0/1] Add PCD to disable safe string constraint assertions Thread-Index: AQHVwlkOH0/ufBoglUKtSzLlhfexGafd99AQ Date: Mon, 6 Jan 2020 18:28:19 +0000 Message-ID: References: <20200103171242.63839-1-vit9696@protonmail.com> In-Reply-To: <20200103171242.63839-1-vit9696@protonmail.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: dlp-product: dlpe-windows dlp-version: 11.2.0.6 dlp-reaction: no-action x-originating-ip: [10.22.254.139] MIME-Version: 1.0 Return-Path: michael.d.kinney@intel.com Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi Vitaly, Is the use case for UEFI Applications? There is a different mechanism to disable all ASSERT() statements within a UEFI Application. If a component is consuming data from an untrusted source, then that component is required to verify the untrusted=20 data before passing it to a function that clearly documents is input requirements. If this approach is followed, then the BaseLib functions can be used "as is" as long as the=20 ASSERT() conditions are verified before calling. If there are some APIs that currently document their ASSERT() behavior and we think that ASSERT() behavior is incorrect and should be handled by an existing error return value, then we should discuss each of those APIs individually. Mike > -----Original Message----- > From: devel@edk2.groups.io On > Behalf Of Vitaly Cheptsov via Groups.Io > Sent: Friday, January 3, 2020 9:13 AM > To: devel@edk2.groups.io > Subject: [edk2-devel] [PATCH v3 0/1] Add PCD to disable > safe string constraint assertions >=20 > REF: > https://bugzilla.tianocore.org/show_bug.cgi?id=3D2054 >=20 > Requesting for merge in edk2-stable202002. >=20 > Changes since V1: > - Enable assertions by default to preserve the original > behaviour > - Fix bugzilla reference link > - Update documentation in BaseLib.h >=20 > Vitaly Cheptsov (1): > MdePkg: Add PCD to disable safe string constraint > assertions >=20 > MdePkg/MdePkg.dec | 6 ++ > MdePkg/Library/BaseLib/BaseLib.inf | 11 +-- > MdePkg/Include/Library/BaseLib.h | 74 > +++++++++++++------- > MdePkg/Library/BaseLib/SafeString.c | 4 +- > MdePkg/MdePkg.uni | 6 ++ > 5 files changed, 71 insertions(+), 30 deletions(-) >=20 > -- > 2.21.0 (Apple Git-122.2) >=20 >=20 > -=3D-=3D-=3D-=3D-=3D-=3D > Groups.io Links: You receive all messages sent to this > group. >=20 > View/Reply Online (#52837): > https://edk2.groups.io/g/devel/message/52837 > Mute This Topic: https://groups.io/mt/69401948/1643496 > Group Owner: devel+owner@edk2.groups.io > Unsubscribe: https://edk2.groups.io/g/devel/unsub > [michael.d.kinney@intel.com] > -=3D-=3D-=3D-=3D-=3D-=3D