From nobody Fri Nov  1 10:24:30 2024
Delivered-To: importer@patchew.org
Authentication-Results: mx.zohomail.com;
	spf=none (zoho.com: 198.145.21.10 is neither permitted nor denied by domain
 of lists.01.org)  smtp.mailfrom=edk2-devel-bounces@lists.01.org
Return-Path: <edk2-devel-bounces@lists.01.org>
Received: from ml01.01.org (ml01.01.org [198.145.21.10]) by mx.zohomail.com
	with SMTPS id 1517568479538282.3393327867075;
 Fri, 2 Feb 2018 02:47:59 -0800 (PST)
Received: from [127.0.0.1] (localhost [IPv6:::1])
	by ml01.01.org (Postfix) with ESMTP id 9B08B2215BD97;
	Fri,  2 Feb 2018 02:42:19 -0800 (PST)
Received: from mga02.intel.com (mga02.intel.com [134.134.136.20])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (No client certificate requested)
 by ml01.01.org (Postfix) with ESMTPS id ABE3B21E0B9E3
 for <edk2-devel@lists.01.org>; Fri,  2 Feb 2018 02:42:18 -0800 (PST)
Received: from orsmga008.jf.intel.com ([10.7.209.65])
 by orsmga101.jf.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384;
 02 Feb 2018 02:47:56 -0800
Received: from ray-dev.ccr.corp.intel.com ([10.239.9.19])
 by orsmga008.jf.intel.com with ESMTP; 02 Feb 2018 02:47:55 -0800
X-Original-To: edk2-devel@lists.01.org
Received-SPF: none (zoho.com: 198.145.21.10 is neither permitted nor denied by
 domain of lists.01.org) client-ip=198.145.21.10;
 envelope-from=edk2-devel-bounces@lists.01.org; helo=ml01.01.org;
Received-SPF: Pass (sender SPF authorized) identity=mailfrom;
 client-ip=134.134.136.20; helo=mga02.intel.com;
 envelope-from=ruiyu.ni@intel.com; receiver=edk2-devel@lists.01.org
X-Amp-Result: SKIPPED(no attachment in message)
X-Amp-File-Uploaded: False
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="5.46,448,1511856000"; d="scan'208";a="14941576"
From: Ruiyu Ni <ruiyu.ni@intel.com>
To: edk2-devel@lists.01.org
Date: Fri,  2 Feb 2018 18:47:53 +0800
Message-Id: <20180202104753.94568-1-ruiyu.ni@intel.com>
X-Mailer: git-send-email 2.16.1.windows.1
Subject: [edk2] [PATCH] MdePkg/SafeString: Directly return when length of
 source string is 0
X-BeenThere: edk2-devel@lists.01.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: EDK II Development  <edk2-devel.lists.01.org>
List-Unsubscribe: <https://lists.01.org/mailman/options/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=unsubscribe>
List-Archive: <http://lists.01.org/pipermail/edk2-devel/>
List-Post: <mailto:edk2-devel@lists.01.org>
List-Help: <mailto:edk2-devel-request@lists.01.org?subject=help>
List-Subscribe: <https://lists.01.org/mailman/listinfo/edk2-devel>,
 <mailto:edk2-devel-request@lists.01.org?subject=subscribe>
Cc: Jiewen Yao <jiewen.yao@intel.com>, Liming Gao <liming.gao@intel.com>
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Errors-To: edk2-devel-bounces@lists.01.org
Sender: "edk2-devel" <edk2-devel-bounces@lists.01.org>
X-ZohoMail: RSF_4  Z_629925259 SPT_0
Content-Type: text/plain; charset="utf-8"

Today's implementation of [Ascii]StrnCpyS/[Ascii]StrnCatS doesn't
directly return the the length of source string is 0.

When length of source string is 0, it means the Source points to
a memory that shouldn't be deferenced at all.
So it's not proper to call StrnLenS() in such situation.
In a pool guard enabled environment, when using shell to edit an
existing file which contains empty line, the page fault is met.

The patch fixes the four library functions to align to the behavior
of non-safe version: directly return when length of source string
is 0.

Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
---
 MdePkg/Library/BaseLib/SafeString.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/MdePkg/Library/BaseLib/SafeString.c b/MdePkg/Library/BaseLib/S=
afeString.c
index 68c33e9b7b..fed818ef33 100644
--- a/MdePkg/Library/BaseLib/SafeString.c
+++ b/MdePkg/Library/BaseLib/SafeString.c
@@ -1,7 +1,7 @@
 /** @file
   Safe String functions.
=20
-  Copyright (c) 2014 - 2017, Intel Corporation. All rights reserved.<BR>
+  Copyright (c) 2014 - 2018, Intel Corporation. All rights reserved.<BR>
   This program and the accompanying materials
   are licensed and made available under the terms and conditions of the BS=
D License
   which accompanies this distribution.  The full text of the license may b=
e found at
@@ -317,6 +317,10 @@ StrnCpyS (
 {
   UINTN            SourceLen;
=20
+  if (Length =3D=3D 0) {
+    return RETURN_SUCCESS;
+  }
+
   ASSERT (((UINTN) Destination & BIT0) =3D=3D 0);
   ASSERT (((UINTN) Source & BIT0) =3D=3D 0);
=20
@@ -515,6 +519,10 @@ StrnCatS (
   UINTN               CopyLen;
   UINTN               SourceLen;
=20
+  if (Length =3D=3D 0) {
+    return RETURN_SUCCESS;
+  }
+
   ASSERT (((UINTN) Destination & BIT0) =3D=3D 0);
   ASSERT (((UINTN) Source & BIT0) =3D=3D 0);
=20
@@ -1894,6 +1902,10 @@ AsciiStrnCpyS (
 {
   UINTN            SourceLen;
=20
+  if (Length =3D=3D 0) {
+    return RETURN_SUCCESS;
+  }
+
   //
   // 1. Neither Destination nor Source shall be a null pointer.
   //
@@ -2082,6 +2094,10 @@ AsciiStrnCatS (
   UINTN               CopyLen;
   UINTN               SourceLen;
=20
+  if (Length =3D=3D 0) {
+    return RETURN_SUCCESS;
+  }
+
   //
   // Let CopyLen denote the value DestMax - AsciiStrnLenS(Destination, Des=
tMax) upon entry to AsciiStrnCatS.
   //
--=20
2.16.1.windows.1

_______________________________________________
edk2-devel mailing list
edk2-devel@lists.01.org
https://lists.01.org/mailman/listinfo/edk2-devel