From: "Michael D Kinney" <michael.d.kinney@intel.com>
To: Vitaly Cheptsov <cheptsov@ispras.ru>,
"Kinney, Michael D" <michael.d.kinney@intel.com>
Cc: "devel@edk2.groups.io" <devel@edk2.groups.io>,
"Andrew Fish" <afish@apple.com>,
"Ard Biesheuvel" <ard.biesheuvel@linaro.org>,
"Bret Barkelew" <bret.barkelew@microsoft.com>,
"Brian J . Johnson" <brian.johnson@hpe.com>,
"Chiu, Chasel" <chasel.chiu@intel.com>,
"Justen, Jordan L" <jordan.l.justen@intel.com>,
"Laszlo Ersek" <lersek@redhat.com>,
"Leif Lindholm" <leif@nuviainc.com>,
"Gao, Liming" <liming.gao@intel.com>,
"Marvin Häuser" <mhaeuser@outlook.de>,
"Zimmer, Vincent" <vincent.zimmer@intel.com>,
"Gao, Zhichao" <zhichao.gao@intel.com>
Subject: Re: [edk2-devel] [PATCH V7 1/1] MdePkg: Fix SafeString performing assertions on runtime checks
Date: Wed, 20 May 2020 02:48:56 +0000 [thread overview]
Message-ID: <MN2PR11MB44617958891AA94CB113C419D2B60@MN2PR11MB4461.namprd11.prod.outlook.com> (raw)
In-Reply-To: <F1C102BB-467B-46CF-A567-A5CDFF1D03BD@ispras.ru>
Hi Vitaly,
I think this should work. ASSERT() removed. DEBUG_VERBOSE message added.
#define SAFE_STRING_CONSTRAINT_CHECK(Expression, Status) \
do { \
if (!(Expression)) { \
DEBUG ((DEBUG_VERBOSE, "SAFE_STRING_CONSTRAINT_CHECK(%a) failed. Return %r\n", #Expression, Status)); \
return Status; \
} \
} while (FALSE)
I have made this change in the following PR to run the all the CI checks
and also added a unit test to verify the ASSERT() has been replaced with
a DEBUG_VERBOSE message. I made some minor updates to the commit
messages to pass PatchCheck.py.
https://github.com/tianocore/edk2/pull/632
This is a portion of the CI build log that shows the host based unit
test running and generates the DEBUG_VERBOSE messages for the negative
test cases sent to StrCpyS().
INFO - ---------------------------------------------------------
INFO - RUNNING TEST SUITE: Safe String
INFO - ---------------------------------------------------------
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(236) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK((Destination != NULL)) failed. Return Invalid Parameter
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(237) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK((Source != NULL)) failed. Return Invalid Parameter
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(243) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK((DestMax <= RSIZE_MAX)) failed. Return Invalid Parameter
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(249) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK((DestMax != 0)) failed. Return Invalid Parameter
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(255) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK((DestMax > SourceLen)) failed. Return Buffer Too Small
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(255) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK((DestMax > SourceLen)) failed. Return Buffer Too Small
INFO - d:\a\1\s\MdePkg\Library\BaseLib\SafeString.c(260) StrCpyS: SAFE_STRING_CONSTRAINT_CHECK(InternalSafeStringNoStrOverlap (Destination, DestMax, (CHAR16 *)Source, SourceLen + 1)) failed. Return Access Denied
INFO - ------------------------------------------------
INFO - --------------Cmd Output Finished---------------
I will send the updated V8 series email patches for review shortly.
Best regards,
Mike
> -----Original Message-----
> From: Vitaly Cheptsov <cheptsov@ispras.ru>
> Sent: Monday, May 18, 2020 11:08 AM
> To: Kinney, Michael D <michael.d.kinney@intel.com>
> Cc: devel@edk2.groups.io; Andrew Fish
> <afish@apple.com>; Ard Biesheuvel
> <ard.biesheuvel@linaro.org>; Bret Barkelew
> <bret.barkelew@microsoft.com>; Brian J . Johnson
> <brian.johnson@hpe.com>; Chiu, Chasel
> <chasel.chiu@intel.com>; Justen, Jordan L
> <jordan.l.justen@intel.com>; Laszlo Ersek
> <lersek@redhat.com>; Leif Lindholm <leif@nuviainc.com>;
> Gao, Liming <liming.gao@intel.com>; Marvin Häuser
> <mhaeuser@outlook.de>; Zimmer, Vincent
> <vincent.zimmer@intel.com>; Gao, Zhichao
> <zhichao.gao@intel.com>
> Subject: Re: [edk2-devel] [PATCH V7 1/1] MdePkg: Fix
> SafeString performing assertions on runtime checks
>
> Mike,
>
> Your suggestion sounds ok to me. As long as it is
> verbose I will not mind its addition. However, I do not
> have a good idea of how can it look like. If you post
> something I can include it.
>
> Thanks,
> Vitaly
>
> > 18 мая 2020 г., в 20:04, Kinney, Michael D
> <michael.d.kinney@intel.com> написал(а):
> >
> > Vitaly,
> >
> > Reviewed-by: Michael D Kinney
> <michael.d.kinney@intel.com>
> >
> > I agree that can go in now for the stable tag.
> >
> > The only additional comment I have received is if a
> DEBUG() message
> > can be added where the ASSERT() was removed. Perhaps
> only at the
> > DEBUG_VERBOSE level that is not usually enabled by
> default. A
> > developer that wants to see
> SAFE_STRING_CONSTRAINT_CHECK() conditions
> > that fail would need to enable DEBUG_VERBOSE
> messages.
> >
> > Thanks,
> >
> > Mike
> >
> >
> >> -----Original Message-----
> >> From: devel@edk2.groups.io <devel@edk2.groups.io> On
> >> Behalf Of Vitaly Cheptsov
> >> Sent: Thursday, May 14, 2020 10:32 AM
> >> To: devel@edk2.groups.io
> >> Cc: Andrew Fish <afish@apple.com>; Ard Biesheuvel
> >> <ard.biesheuvel@linaro.org>; Bret Barkelew
> >> <bret.barkelew@microsoft.com>; Brian J . Johnson
> >> <brian.johnson@hpe.com>; Chiu, Chasel
> >> <chasel.chiu@intel.com>; Justen, Jordan L
> >> <jordan.l.justen@intel.com>; Laszlo Ersek
> >> <lersek@redhat.com>; Leif Lindholm
> <leif@nuviainc.com>;
> >> Gao, Liming <liming.gao@intel.com>; Marvin Häuser
> >> <mhaeuser@outlook.de>; Kinney, Michael D
> >> <michael.d.kinney@intel.com>; Zimmer, Vincent
> >> <vincent.zimmer@intel.com>; Gao, Zhichao
> >> <zhichao.gao@intel.com>
> >> Subject: [edk2-devel] [PATCH V7 1/1] MdePkg: Fix
> >> SafeString performing assertions on runtime checks
> >>
> >> REF:
> >> https://bugzilla.tianocore.org/show_bug.cgi?id=2054
> >>
> >> Runtime checks returned via status return code
> should
> >> not work as
> >> assertions to permit parsing not trusted data with
> >> SafeString
> >> interfaces.
> >>
> >> CC: Andrew Fish <afish@apple.com>
> >> CC: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> >> CC: Bret Barkelew <bret.barkelew@microsoft.com>
> >> CC: Brian J. Johnson <brian.johnson@hpe.com>
> >> CC: Chasel Chiu <chasel.chiu@intel.com>
> >> CC: Jordan Justen <jordan.l.justen@intel.com>
> >> CC: Laszlo Ersek <lersek@redhat.com>
> >> CC: Leif Lindholm <leif@nuviainc.com>
> >> CC: Liming Gao <liming.gao@intel.com>
> >> CC: Marvin Häuser <mhaeuser@outlook.de>
> >> CC: Mike Kinney <michael.d.kinney@intel.com>
> >> CC: Vincent Zimmer <vincent.zimmer@intel.com>
> >> CC: Zhichao Gao <zhichao.gao@intel.com>
> >> Signed-off-by: Vitaly Cheptsov
> <vit9696@protonmail.com>
> >> ---
> >> MdePkg/Include/Library/BaseLib.h | 111 ----------
> --
> >> -------
> >> MdePkg/Library/BaseLib/SafeString.c | 112 ----------
> --
> >> --------
> >> 2 files changed, 223 deletions(-)
> >>
> >> diff --git a/MdePkg/Include/Library/BaseLib.h
> >> b/MdePkg/Include/Library/BaseLib.h
> >> index ecadff8b23..2c194ad943 100644
> >> --- a/MdePkg/Include/Library/BaseLib.h
> >> +++ b/MdePkg/Include/Library/BaseLib.h
> >> @@ -189,7 +189,6 @@ StrnSizeS (
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -225,7 +224,6 @@ StrCpyS (
> >>
> >>
> >>
> >> If Length > 0 and Destination is not aligned on a
> >> 16-bit boundary, then ASSERT().
> >>
> >>
> >> If Length > 0 and Source is not aligned on a 16-
> bit
> >> boundary, then ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -263,7 +261,6 @@ StrnCpyS (
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -303,7 +300,6 @@ StrCatS (
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -350,12 +346,7 @@ StrnCatS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> @@ -406,12 +397,7 @@ StrDecimalToUintnS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> @@ -467,12 +453,7 @@ StrDecimalToUint64S (
> >> the first character that is a not a valid
> >> hexadecimal character or NULL,
> >>
> >>
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> @@ -528,12 +509,7 @@ StrHexToUintnS (
> >> the first character that is a not a valid
> >> hexadecimal character or NULL,
> >>
> >>
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> @@ -622,8 +598,6 @@ AsciiStrnSizeS (
> >>
> >>
> >>
> >> This function is similar as strcpy_s defined in
> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -656,8 +630,6 @@ AsciiStrCpyS (
> >>
> >>
> >>
> >> This function is similar as strncpy_s defined in
> >> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -692,8 +664,6 @@ AsciiStrnCpyS (
> >>
> >>
> >>
> >> This function is similar as strcat_s defined in
> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -730,8 +700,6 @@ AsciiStrCatS (
> >>
> >>
> >>
> >> This function is similar as strncat_s defined in
> >> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -777,12 +745,6 @@ AsciiStrnCatS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINTN, then
> >>
> >>
> >> @@ -832,12 +794,6 @@ AsciiStrDecimalToUintnS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINT64, then
> >>
> >>
> >> @@ -891,12 +847,6 @@ AsciiStrDecimalToUint64S (
> >> character that is a not a valid hexadecimal
> >> character or Null-terminator,
> >>
> >>
> >> whichever on comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINTN, then
> >>
> >>
> >> @@ -950,12 +900,6 @@ AsciiStrHexToUintnS (
> >> character that is a not a valid hexadecimal
> >> character or Null-terminator,
> >>
> >>
> >> whichever on comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINT64, then
> >>
> >>
> >> @@ -1506,16 +1450,8 @@ StrHexToUint64 (
> >> "::" can be used to compress one or more groups of
> X
> >> when X contains only 0.
> >>
> >>
> >> The "::" can only appear once in the String.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -1567,16 +1503,8 @@ StrToIpv6Address (
> >> When /P is in the String, the function stops at
> the
> >> first character that is not
> >>
> >>
> >> a valid decimal digit character after P is
> >> converted.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -1640,8 +1568,6 @@ StrToIpv4Address (
> >> oo Data4[48:55]
> >>
> >>
> >> pp Data4[56:63]
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Guid is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated Unicode string.
> >>
> >>
> >> @@ -1676,17 +1602,6 @@ StrToGuid (
> >>
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Buffer is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Length is not multiple of 2, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero and
> >> Length is greater than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If MaxBufferSize is less than (Length / 2), then
> >> ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated Unicode string.
> >>
> >>
> >> @param Length The number of
> >> Unicode characters to decode.
> >>
> >>
> >> @param Buffer Pointer to the
> >> converted bytes array.
> >>
> >>
> >> @@ -1777,7 +1692,6 @@ UnicodeStrToAsciiStr (
> >> the upper 8 bits, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -1824,7 +1738,6 @@ UnicodeStrToAsciiStrS (
> >> If any Unicode characters in Source contain non-
> zero
> >> value in the upper 8
> >>
> >>
> >> bits, then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -2388,10 +2301,6 @@ AsciiStrHexToUint64 (
> >> "::" can be used to compress one or more groups of
> X
> >> when X contains only 0.
> >>
> >>
> >> The "::" can only appear once in the String.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -2443,10 +2352,6 @@ AsciiStrToIpv6Address (
> >> When /P is in the String, the function stops at
> the
> >> first character that is not
> >>
> >>
> >> a valid decimal digit character after P is
> >> converted.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -2508,9 +2413,6 @@ AsciiStrToIpv4Address (
> >> oo Data4[48:55]
> >>
> >>
> >> pp Data4[56:63]
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Guid is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated ASCII string.
> >>
> >>
> >> @param Guid Pointer to the
> >> converted GUID.
> >>
> >>
> >>
> >>
> >>
> >> @@ -2541,17 +2443,6 @@ AsciiStrToGuid (
> >> decoding stops after Length of characters and
> >> outputs Buffer containing
> >>
> >>
> >> (Length / 2) bytes.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Buffer is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Length is not multiple of 2, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero and
> >> Length is greater than
> >>
> >>
> >> - PcdMaximumAsciiStringLength, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If MaxBufferSize is less than (Length / 2), then
> >> ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated ASCII string.
> >>
> >>
> >> @param Length The number of
> ASCII
> >> characters to decode.
> >>
> >>
> >> @param Buffer Pointer to the
> >> converted bytes array.
> >>
> >>
> >> @@ -2632,7 +2523,6 @@ AsciiStrToUnicodeStr (
> >> equal or greater than ((AsciiStrLen (Source) + 1)
> *
> >> sizeof (CHAR16)) in bytes.
> >>
> >>
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -2678,7 +2568,6 @@ AsciiStrToUnicodeStrS (
> >> ((MIN(AsciiStrLen(Source), Length) + 1) * sizeof
> >> (CHAR8)) in bytes.
> >>
> >>
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then Destination and
> >> DestinationLength are
> >>
> >>
> >> unmodified.
> >>
> >>
> >> diff --git a/MdePkg/Library/BaseLib/SafeString.c
> >> b/MdePkg/Library/BaseLib/SafeString.c
> >> index 7dc03d2caa..41d9137b83 100644
> >> --- a/MdePkg/Library/BaseLib/SafeString.c
> >> +++ b/MdePkg/Library/BaseLib/SafeString.c
> >> @@ -14,7 +14,6 @@
> >>
> >>
> >>
> >> #define SAFE_STRING_CONSTRAINT_CHECK(Expression,
> >> Status) \
> >>
> >>
> >> do { \
> >>
> >>
> >> - ASSERT (Expression); \
> >>
> >>
> >> if (!(Expression)) { \
> >>
> >>
> >> return Status; \
> >>
> >>
> >> } \
> >>
> >>
> >> @@ -197,7 +196,6 @@ StrnSizeS (
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -279,7 +277,6 @@ StrCpyS (
> >>
> >>
> >>
> >> If Length > 0 and Destination is not aligned on a
> >> 16-bit boundary, then ASSERT().
> >>
> >>
> >> If Length > 0 and Source is not aligned on a 16-
> bit
> >> boundary, then ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -372,7 +369,6 @@ StrnCpyS (
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -473,7 +469,6 @@ StrCatS (
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -590,12 +585,7 @@ StrnCatS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> @@ -705,12 +695,7 @@ StrDecimalToUintnS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> @@ -825,12 +810,7 @@ StrDecimalToUint64S (
> >> the first character that is a not a valid
> >> hexadecimal character or NULL,
> >>
> >>
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> @@ -956,12 +936,7 @@ StrHexToUintnS (
> >> the first character that is a not a valid
> >> hexadecimal character or NULL,
> >>
> >>
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> @@ -1091,16 +1066,8 @@ StrHexToUint64S (
> >> "::" can be used to compress one or more groups of
> X
> >> when X contains only 0.
> >>
> >>
> >> The "::" can only appear once in the String.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -1317,16 +1284,8 @@ StrToIpv6Address (
> >> When /P is in the String, the function stops at
> the
> >> first character that is not
> >>
> >>
> >> a valid decimal digit character after P is
> >> converted.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength Unicode characters,
> >> not including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -1482,8 +1441,6 @@ StrToIpv4Address (
> >> oo Data4[48:55]
> >>
> >>
> >> pp Data4[56:63]
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Guid is NULL, then ASSERT().
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated Unicode string.
> >>
> >>
> >> @@ -1589,17 +1546,6 @@ StrToGuid (
> >>
> >>
> >>
> >> If String is not aligned in a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Buffer is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Length is not multiple of 2, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If PcdMaximumUnicodeStringLength is not zero and
> >> Length is greater than
> >>
> >>
> >> - PcdMaximumUnicodeStringLength, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If MaxBufferSize is less than (Length / 2), then
> >> ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated Unicode string.
> >>
> >>
> >> @param Length The number of
> >> Unicode characters to decode.
> >>
> >>
> >> @param Buffer Pointer to the
> >> converted bytes array.
> >>
> >>
> >> @@ -1779,8 +1725,6 @@ AsciiStrnSizeS (
> >>
> >>
> >>
> >> This function is similar as strcpy_s defined in
> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -1856,8 +1800,6 @@ AsciiStrCpyS (
> >>
> >>
> >>
> >> This function is similar as strncpy_s defined in
> >> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -1944,8 +1886,6 @@ AsciiStrnCpyS (
> >>
> >>
> >>
> >> This function is similar as strcat_s defined in
> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -2040,8 +1980,6 @@ AsciiStrCatS (
> >>
> >>
> >>
> >> This function is similar as strncat_s defined in
> >> C11.
> >>
> >>
> >>
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @param Destination A pointer to a
> >> Null-terminated Ascii string.
> >>
> >>
> >> @@ -2154,12 +2092,6 @@ AsciiStrnCatS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINTN, then
> >>
> >>
> >> @@ -2266,12 +2198,6 @@ AsciiStrDecimalToUintnS (
> >> be ignored. Then, the function stops at the first
> >> character that is a not a
> >>
> >>
> >> valid decimal character or a Null-terminator,
> >> whichever one comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid decimal digits in the above
> >> format, then 0 is stored
> >>
> >>
> >> at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINT64, then
> >>
> >>
> >> @@ -2382,12 +2308,6 @@ AsciiStrDecimalToUint64S (
> >> character that is a not a valid hexadecimal
> >> character or Null-terminator,
> >>
> >>
> >> whichever on comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINTN, then
> >>
> >>
> >> @@ -2509,12 +2429,6 @@ AsciiStrHexToUintnS (
> >> character that is a not a valid hexadecimal
> >> character or Null-terminator,
> >>
> >>
> >> whichever on comes first.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Data is NULL, then ASSERT().
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero, and
> >> String contains more than
> >>
> >>
> >> - PcdMaximumAsciiStringLength Ascii characters, not
> >> including the
> >>
> >>
> >> - Null-terminator, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If String has no valid hexadecimal digits in the
> >> above format, then 0 is
> >>
> >>
> >> stored at the location pointed to by Data.
> >>
> >>
> >> If the number represented by String exceeds the
> >> range defined by UINT64, then
> >>
> >>
> >> @@ -2635,7 +2549,6 @@ AsciiStrHexToUint64S (
> >> the upper 8 bits, then ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -2735,7 +2648,6 @@ UnicodeStrToAsciiStrS (
> >> If any Unicode characters in Source contain non-
> zero
> >> value in the upper 8
> >>
> >>
> >> bits, then ASSERT().
> >>
> >>
> >> If Source is not aligned on a 16-bit boundary,
> then
> >> ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then Destination and
> >> DestinationLength are
> >>
> >>
> >> unmodified.
> >>
> >>
> >> @@ -2855,7 +2767,6 @@ UnicodeStrnToAsciiStrS (
> >> equal or greater than ((AsciiStrLen (Source) + 1)
> *
> >> sizeof (CHAR16)) in bytes.
> >>
> >>
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then the Destination is
> >> unmodified.
> >>
> >>
> >>
> >>
> >>
> >> @@ -2948,7 +2859,6 @@ AsciiStrToUnicodeStrS (
> >> ((MIN(AsciiStrLen(Source), Length) + 1) * sizeof
> >> (CHAR8)) in bytes.
> >>
> >>
> >>
> >>
> >>
> >> If Destination is not aligned on a 16-bit
> boundary,
> >> then ASSERT().
> >>
> >>
> >> - If an error would be returned, then the function
> >> will also ASSERT().
> >>
> >>
> >>
> >>
> >>
> >> If an error is returned, then Destination and
> >> DestinationLength are
> >>
> >>
> >> unmodified.
> >>
> >>
> >> @@ -3072,10 +2982,6 @@ AsciiStrnToUnicodeStrS (
> >> "::" can be used to compress one or more groups of
> X
> >> when X contains only 0.
> >>
> >>
> >> The "::" can only appear once in the String.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -3291,10 +3197,6 @@ AsciiStrToIpv6Address (
> >> When /P is in the String, the function stops at
> the
> >> first character that is not
> >>
> >>
> >> a valid decimal digit character after P is
> >> converted.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Address is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> If EndPointer is not NULL and Address is
> translated
> >> from String, a pointer
> >>
> >>
> >> to the character that stopped the scan is stored
> at
> >> the location pointed to
> >>
> >>
> >> by EndPointer.
> >>
> >>
> >> @@ -3448,9 +3350,6 @@ AsciiStrToIpv4Address (
> >> oo Data4[48:55]
> >>
> >>
> >> pp Data4[56:63]
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> - If Guid is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated ASCII string.
> >>
> >>
> >> @param Guid Pointer to the
> >> converted GUID.
> >>
> >>
> >>
> >>
> >>
> >> @@ -3550,17 +3449,6 @@ AsciiStrToGuid (
> >> decoding stops after Length of characters and
> >> outputs Buffer containing
> >>
> >>
> >> (Length / 2) bytes.
> >>
> >>
> >>
> >>
> >>
> >> - If String is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Buffer is NULL, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If Length is not multiple of 2, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If PcdMaximumAsciiStringLength is not zero and
> >> Length is greater than
> >>
> >>
> >> - PcdMaximumAsciiStringLength, then ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> - If MaxBufferSize is less than (Length / 2), then
> >> ASSERT().
> >>
> >>
> >> -
> >>
> >>
> >> @param String Pointer to a
> Null-
> >> terminated ASCII string.
> >>
> >>
> >> @param Length The number of
> ASCII
> >> characters to decode.
> >>
> >>
> >> @param Buffer Pointer to the
> >> converted bytes array.
> >>
> >>
> >> --
> >> 2.24.2 (Apple Git-127)
> >>
> >>
> >>
> >
prev parent reply other threads:[~2020-05-20 2:49 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-05-14 17:31 [PATCH V7 0/1] Disable safe string constraint assertions Vitaly Cheptsov
2020-05-14 17:31 ` [PATCH V7 1/1] MdePkg: Fix SafeString performing assertions on runtime checks Vitaly Cheptsov
2020-05-15 11:30 ` Laszlo Ersek
2020-05-18 17:04 ` [edk2-devel] " Michael D Kinney
2020-05-18 18:07 ` Vitaly Cheptsov
2020-05-20 2:48 ` Michael D Kinney [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=MN2PR11MB44617958891AA94CB113C419D2B60@MN2PR11MB4461.namprd11.prod.outlook.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox