From nobody Fri Nov 1 10:22:29 2024 Delivered-To: importer@patchew.org Authentication-Results: mx.zohomail.com; spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) smtp.mailfrom=edk2-devel-bounces@lists.01.org Return-Path: Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com with SMTPS id 1516769423204678.6185614370302; Tue, 23 Jan 2018 20:50:23 -0800 (PST) Received: from [127.0.0.1] (localhost [IPv6:::1]) by ml01.01.org (Postfix) with ESMTP id DA4112238B5A9; Tue, 23 Jan 2018 20:44:53 -0800 (PST) Received: from mga14.intel.com (mga14.intel.com [192.55.52.115]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id CFB4F22333776 for ; Tue, 23 Jan 2018 20:44:52 -0800 (PST) Received: from orsmga003.jf.intel.com ([10.7.209.27]) by fmsmga103.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 23 Jan 2018 20:50:20 -0800 Received: from jwang36-mobl2.ccr.corp.intel.com ([10.239.192.239]) by orsmga003.jf.intel.com with ESMTP; 23 Jan 2018 20:50:18 -0800 X-Original-To: edk2-devel@lists.01.org Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain of lists.01.org) client-ip=198.145.21.10; envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org; Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.115; helo=mga14.intel.com; envelope-from=jian.j.wang@intel.com; receiver=edk2-devel@lists.01.org X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.46,405,1511856000"; d="scan'208";a="21865766" From: Jian J Wang To: edk2-devel@lists.01.org Date: Wed, 24 Jan 2018 12:50:16 +0800 Message-Id: <20180124045016.18672-1-jian.j.wang@intel.com> X-Mailer: git-send-email 2.15.1.windows.2 Subject: [edk2] [PATCH] ShellPkg/UefiShellLevel3CommandsLib: fix string over-read X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Cc: Ruiyu Ni MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable Errors-To: edk2-devel-bounces@lists.01.org Sender: "edk2-devel" X-ZohoMail: RSF_4 Z_629925259 SPT_0 Content-Type: text/plain; charset="utf-8" > v2: > Keep condition "CurrentCommand !=3D NULL" as the first one. In the for-loop condition of original code, the expression *CurrentCommand !=3D CHAR_NULL=20 is put before expression CurrentCommand < SortedCommandList + SortedCommandListSize/sizeof(CHAR16) When CurrentCommand walks to the end of string buffer, one more character over the end of string buffer will be read and then stop. To fix this issue, just move the last expression to the first one. Because of short-circuit evaludation of and-expression, the following one *CurrentCommand !=3D CHAR_NULL will not be evaluated if the expression before it is evaludated as FALSE. Cc: Ruiyu Ni Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Jian J Wang Reviewed-by: Ruiyu Ni --- ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c b/ShellPkg/= Library/UefiShellLevel3CommandsLib/Help.c index a71ade3a20..f6159c1335 100644 --- a/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c +++ b/ShellPkg/Library/UefiShellLevel3CommandsLib/Help.c @@ -397,7 +397,7 @@ ShellCommandRunHelp ( CopyListOfCommandNamesWithDynamic(&SortedCommandList, &SortedComma= ndListSize); =20 for (CurrentCommand =3D SortedCommandList=20 - ; CurrentCommand !=3D NULL && *CurrentCommand !=3D CHAR_NULL && = CurrentCommand < SortedCommandList + SortedCommandListSize/sizeof(CHAR16) + ; CurrentCommand !=3D NULL && CurrentCommand < SortedCommandList= + SortedCommandListSize/sizeof(CHAR16) && *CurrentCommand !=3D CHAR_NULL ; CurrentCommand +=3D StrLen(CurrentCommand) + 1 ) { // --=20 2.15.1.windows.2 _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel