From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 3F4FB821EB for ; Mon, 20 Feb 2017 03:13:06 -0800 (PST) Received: from fmsmga002.fm.intel.com ([10.253.24.26]) by fmsmga101.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 20 Feb 2017 03:13:05 -0800 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.35,186,1484035200"; d="scan'208";a="1132326823" Received: from fmsmsx105.amr.corp.intel.com ([10.18.124.203]) by fmsmga002.fm.intel.com with ESMTP; 20 Feb 2017 03:13:05 -0800 Received: from fmsmsx125.amr.corp.intel.com (10.18.125.40) by FMSMSX105.amr.corp.intel.com (10.18.124.203) with Microsoft SMTP Server (TLS) id 14.3.248.2; Mon, 20 Feb 2017 03:13:05 -0800 Received: from shsmsx103.ccr.corp.intel.com (10.239.4.69) by FMSMSX125.amr.corp.intel.com (10.18.125.40) with Microsoft SMTP Server (TLS) id 14.3.248.2; Mon, 20 Feb 2017 03:13:05 -0800 Received: from shsmsx102.ccr.corp.intel.com ([169.254.2.88]) by SHSMSX103.ccr.corp.intel.com ([10.239.4.69]) with mapi id 14.03.0248.002; Mon, 20 Feb 2017 19:13:03 +0800 From: "Dong, Eric" To: "Bi, Dandan" , "edk2-devel@lists.01.org" CC: "Gao, Liming" Thread-Topic: [edk2] [patch] MdeModulePkg/HiiDatabase: clean the value before setting default string Thread-Index: AQHSizcs++zASL3o+EC9lmd5dZ5sBpY6alMQ Date: Mon, 20 Feb 2017 11:13:03 +0000 Message-ID: References: <1487567149-274444-1-git-send-email-dandan.bi@intel.com> <1487567149-274444-2-git-send-email-dandan.bi@intel.com> In-Reply-To: <1487567149-274444-2-git-send-email-dandan.bi@intel.com> Accept-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [10.239.127.40] MIME-Version: 1.0 Subject: Re: [patch] MdeModulePkg/HiiDatabase: clean the value before setting default string X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Feb 2017 11:13:06 -0000 Content-Language: en-US Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Dandan, You need to also add check to avoid string size exceed the width. Thanks, Eric > -----Original Message----- > From: edk2-devel [mailto:edk2-devel-bounces@lists.01.org] On Behalf Of Da= ndan Bi > Sent: Monday, February 20, 2017 1:06 PM > To: edk2-devel@lists.01.org > Cc: Dong, Eric; Gao, Liming > Subject: [edk2] [patch] MdeModulePkg/HiiDatabase: clean the value before = setting default string >=20 > For string op-code, the default string may not exceed the > maximum size, so when generating string, we should > clean the value before setting the default string. >=20 > https://bugzilla.tianocore.org/show_bug.cgi?id=3D375 >=20 > Cc: Eric Dong > Cc: Liming Gao > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Dandan Bi > --- > MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c | 12 ++++++++++-- > 1 file changed, 10 insertions(+), 2 deletions(-) >=20 > diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c b/MdeM= odulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > index d547f42..1878106 100644 > --- a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > +++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c > @@ -1,9 +1,9 @@ > /** @file > Implementation of interfaces function for EFI_HII_CONFIG_ROUTING_PROTOCO= L. >=20 > -Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.
> +Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.
> This program and the accompanying materials > are licensed and made available under the terms and conditions of the BS= D License > which accompanies this distribution. The full text of the license may b= e found at > http://opensource.org/licenses/bsd-license.php >=20 > @@ -3696,21 +3696,29 @@ GenerateAltConfigResp ( > // Convert Value to a hex string in "%x" format > // NOTE: This is in the opposite byte that GUID and PATH use > // > if (BlockData->OpCode =3D=3D EFI_IFR_STRING_OP){ > DefaultString =3D InternalGetString(HiiHandle, DefaultValueD= ata->Value.string); > - TmpBuffer =3D (UINT8 *) DefaultString; > + TmpBuffer =3D AllocateZeroPool (Width); > + ASSERT (TmpBuffer !=3D NULL); > + if (DefaultString !=3D NULL) { > + CopyMem (TmpBuffer, (UINT8 *) DefaultString, StrLen(DefaultS= tring)* sizeof (CHAR16)); > + } > } else { > TmpBuffer =3D (UINT8 *) &(DefaultValueData->Value); > } > for (; Width > 0 && (TmpBuffer !=3D NULL); Width--) { > StringPtr +=3D UnicodeValueToString (StringPtr, PREFIX_ZERO | = RADIX_HEX, TmpBuffer[Width - 1], 2); > } > if (DefaultString !=3D NULL){ > FreePool(DefaultString); > DefaultString =3D NULL; > } > + if (BlockData->OpCode =3D=3D EFI_IFR_STRING_OP && TmpBuffer !=3D= NULL) { > + FreePool(TmpBuffer); > + TmpBuffer =3D NULL; > + } > } > } > } >=20 > HiiToLower (*DefaultAltCfgResp); > -- > 1.9.5.msysgit.1 >=20 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel