From: Laszlo Ersek <lersek@redhat.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
edk2-devel@ml01.01.org, leif.lindholm@linaro.org
Subject: Re: [PATCH 5/9] EmbeddedPkg/AndroidFastboot: eliminate deprecated string function calls
Date: Tue, 25 Oct 2016 14:40:44 +0200 [thread overview]
Message-ID: <de8a1143-e558-74d2-29e8-56a8d0833486@redhat.com> (raw)
In-Reply-To: <1477330907-13733-6-git-send-email-ard.biesheuvel@linaro.org>
On 10/24/16 19:41, Ard Biesheuvel wrote:
> Get rid of calls to unsafe string functions. These are deprecated and may
> be removed in the future.
>
> Contributed-under: TianoCore Contribution Agreement 1.0
> Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
> ---
> EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c | 3 ++-
> EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c | 4 ++--
> 2 files changed, 4 insertions(+), 3 deletions(-)
>
> diff --git a/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c b/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c
> index bbca90fc08a2..f3e770bcc980 100644
> --- a/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c
> +++ b/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c
> @@ -84,7 +84,8 @@ ParseAndroidBootImg (
> + ALIGN_VALUE (Header->KernelSize, Header->PageSize));
> }
>
> - AsciiStrnCpy (KernelArgs, Header->KernelArgs, BOOTIMG_KERNEL_ARGS_SIZE);
> + AsciiStrnCpyS (KernelArgs, BOOTIMG_KERNEL_ARGS_SIZE, Header->KernelArgs,
> + BOOTIMG_KERNEL_ARGS_SIZE);
>
> return EFI_SUCCESS;
> }
This loses the zero padding, but I guess that's okay. Is fine otherwise.
> diff --git a/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c b/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c
> index 9ddc34f57cf4..960218b25241 100644
> --- a/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c
> +++ b/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c
> @@ -127,7 +127,7 @@ HandleDownload (
> if (mDataBuffer == NULL) {
> SEND_LITERAL ("FAILNot enough memory");
> } else {
> - AsciiStrnCpy (Response + 4, NumBytesString, 8);
> + AsciiStrnCpyS (Response + 4, mNumDataBytes, NumBytesString, 8);
> mTransport->Send (sizeof(Response), Response, &mFatalSendErrorEvent);
>
> mState = ExpectDataState;
I don't think this is right. Here we're trying to copy no more than 8
characters from NumBytesString into Response, after the "DATA" prefix.
mNumDataBytes is the decimal value of NumBytesString, and it's unrelated
to this formatting.
What we could do is
AsciiStrnCpyS (Response + 4, sizeof Response - 4, NumBytesString, 8)
in order to remain "surgical". However, that's not right again, because
AsciiStrnCpyS() *always* NUL-terminates, and here we only have
CHAR8 Response[12] = "DATA";
i.e., no room for values above 0x0FFF_FFFF. Another issue is that the
zero padding of AsciiStrnCpy() would be lost, and we actually send the
zero padding to the wire.
So, the real fix is, in my opinion:
* resize Response to 4 + 8 + 1 == 13 bytes,
* format it like this:
ZeroMem (Response, sizeof Response);
AsciiSPrint (Response, sizeof Response, "DATA%x",
(UINT32)mNumDataBytes);
* send it like this:
mTransport->Send (sizeof Response - 1, Response,
&mFatalSendErrorEvent);
> @@ -257,7 +257,7 @@ AcceptCmd (
> }
>
> // Commands aren't null-terminated. Let's get a null-terminated version.
> - AsciiStrnCpy (Command, Data, Size);
> + AsciiStrnCpyS (Command, sizeof Command, Data, Size);
> Command[Size] = '\0';
>
> // Parse command
>
This looks good, but the explicit NUL-termination can be dropped, as
AsciiStrnCpyS() enforces that internally.
Thanks
Laszlo
next prev parent reply other threads:[~2016-10-25 12:40 UTC|newest]
Thread overview: 15+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-10-24 17:41 [PATCH 0/9] EmbeddedPkg: eliminate calls to deprecated functions Ard Biesheuvel
2016-10-24 17:41 ` [PATCH 1/9] EmbeddedPkg/AndroidFastbootTransportTcpDxe: remove broken hostname handling Ard Biesheuvel
2016-10-24 17:41 ` [PATCH 2/9] EmbeddedPkg: remove unused PrePiHobListPointerLib Ard Biesheuvel
2016-10-24 17:41 ` [PATCH 3/9] EmbeddedPkg: add missing modules Ard Biesheuvel
2016-10-24 17:41 ` [PATCH 4/9] EmbeddedPkg/GdbDebugAgent: fix VOID* cast of incorrect size Ard Biesheuvel
2016-10-25 12:16 ` Laszlo Ersek
2016-10-24 17:41 ` [PATCH 5/9] EmbeddedPkg/AndroidFastboot: eliminate deprecated string function calls Ard Biesheuvel
2016-10-25 12:40 ` Laszlo Ersek [this message]
2016-10-24 17:41 ` [PATCH 6/9] EmbeddedPkg/Ebl: " Ard Biesheuvel
2016-10-25 13:34 ` Laszlo Ersek
2016-10-24 17:41 ` [PATCH 7/9] EmbeddedPkg/EfiFileLib: " Ard Biesheuvel
2016-10-25 14:20 ` Laszlo Ersek
2016-10-24 17:41 ` [PATCH 8/9] EmbeddedPkg/MmcDxe: " Ard Biesheuvel
2016-10-25 13:49 ` Laszlo Ersek
2016-10-24 17:41 ` [PATCH 9/9] EmbeddedPkg: enable -DDISABLE_NEW_DEPRECATED_INTERFACES Ard Biesheuvel
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-list from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=de8a1143-e558-74d2-29e8-56a8d0833486@redhat.com \
--to=devel@edk2.groups.io \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox