From nobody Tue May 7 13:46:04 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) client-ip=66.175.222.108; envelope-from=bounce+27952+80028+1787277+3901457@groups.io; helo=mail02.groups.io; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80028+1787277+3901457@groups.io; dmarc=fail(p=none dis=none) header.from=intel.com ARC-Seal: i=1; a=rsa-sha256; t=1630444844; cv=none; d=zohomail.com; s=zohoarc; b=OEv+0pOKzT8+A1jsivVArxhkQe/BqUW2JEakOD07m0uSZBcucF3/SXEyUEuR5LbOA84S+LX8H5UbO0KuscnzYsU3UUoHXlg6LPxrwv1U8CfeDeVakBJR9STOxHAANuVfMkr6AJcETr1JQobiGCQ6d/jXUaCw0dA7M93NCVuM938= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1630444844; h=Content-Transfer-Encoding:Cc:Date:From:List-Subscribe:List-Id:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Reply-To:Sender:Subject:To; bh=ue13+sdrUVeLzIL52ps14rEc5QDNeATMg1i/tBumt28=; b=UDaVUnH5zP9WqJYT5cs/wSB5vVvxCIZ+WPcdPi9RoNHYntZ1Ka2L8Yl+c/rZqaoLgV99nMRzSiSLNCLNsbcd6PqlJEvcTd03HJj5g4uDXxCFMpTGBtXTukhr6RukO1DSnK3IsqDzNMo9fXBj7258BxW3468ua6X94NxUZFF8d+A= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of groups.io designates 66.175.222.108 as permitted sender) smtp.mailfrom=bounce+27952+80028+1787277+3901457@groups.io; dmarc=fail header.from= (p=none dis=none) Received: from mail02.groups.io (mail02.groups.io [66.175.222.108]) by mx.zohomail.com with SMTPS id 1630444844901945.7174750007889; Tue, 31 Aug 2021 14:20:44 -0700 (PDT) Return-Path: X-Received: by 127.0.0.2 with SMTP id jPMbYY1788612xrpQiFCKpYr; Tue, 31 Aug 2021 14:20:44 -0700 X-Received: from mga02.intel.com (mga02.intel.com [134.134.136.20]) by mx.groups.io with SMTP id smtpd.web10.966.1630444843118963328 for ; Tue, 31 Aug 2021 14:20:43 -0700 X-IronPort-AV: E=McAfee;i="6200,9189,10093"; a="205793937" X-IronPort-AV: E=Sophos;i="5.84,367,1620716400"; d="scan'208";a="205793937" X-Received: from orsmga003.jf.intel.com ([10.7.209.27]) by orsmga101.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Aug 2021 14:20:42 -0700 X-IronPort-AV: E=Sophos;i="5.84,367,1620716400"; d="scan'208";a="428315992" X-Received: from mdkinney-mobl2.amr.corp.intel.com ([10.251.12.118]) by orsmga003-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 31 Aug 2021 14:20:41 -0700 From: "Michael D Kinney" To: devel@edk2.groups.io Cc: Jayaprakash Nevara , Rebecca Cran Subject: [edk2-devel] [edk2-libc Patch] StdLib: Update libs for safe string functional issues Date: Tue, 31 Aug 2021 14:20:29 -0700 Message-Id: <20210831212029.1435-1-michael.d.kinney@intel.com> MIME-Version: 1.0 Precedence: Bulk List-Unsubscribe: List-Subscribe: List-Help: Sender: devel@edk2.groups.io List-Id: Mailing-List: list devel@edk2.groups.io; contact devel+owner@edk2.groups.io Reply-To: devel@edk2.groups.io,michael.d.kinney@intel.com X-Gm-Message-State: fG8Kd5RXPWe7oMs7WqHtARcLx1787277AA= Content-Transfer-Encoding: quoted-printable DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=groups.io; q=dns/txt; s=20140610; t=1630444844; bh=b0tqSm0xPsWm7xKVtZwR9Rs937qTTnOi63gT9DCbu/c=; h=Cc:Date:From:Reply-To:Subject:To; b=dHA5goT5J3fkNgKGucQa9Vjoy07LkrRowzqOLnksP65s1MDt2Y3yuTwbFVsaZR9ZqqV LnB9y/0Cx5PFTdlDJ2j828AfWVsHe+09LZqMT4DRsVER0EW8e4q6c1naZiehAHp/aducv 54CIXPfH0MwJjXVLXTN82TrX1Ct8RhhIHLY= X-ZohoMail-DKIM: pass (identity @groups.io) X-ZM-MESSAGEID: 1630444846739100002 Content-Type: text/plain; charset="utf-8" From: Jayaprakash Nevara REF: https://bugzilla.tianocore.org/show_bug.cgi?id=3D3361 Update use of safe string functions that incorrectly assume that the maximum size of a string is UNICODE_STRING_MAX. This assumption is breaking some standard C applications. Cc: Rebecca Cran Cc: Jayaprakash Nevara Signed-off-by: Michael D Kinney Reviewed-by: Rebecca Cran --- StdLib/LibC/StdLib/Environs.c | 2 +- StdLib/LibC/StdLib/realpath.c | 19 ++++++++++++++++--- StdLib/LibC/String/Concatenation.c | 4 ++-- StdLib/LibC/String/Copying.c | 5 ++--- StdLib/LibC/Uefi/Devices/Utility/Path.c | 17 +++++++++++------ StdLib/LibC/Uefi/SysCalls.c | 8 ++++++-- StdLib/LibC/Wchar/Concatenation.c | 4 ++-- StdLib/LibC/Wchar/Copying.c | 4 ++-- StdLib/PosixLib/GetPass/GetPass.c | 11 +++++++---- 9 files changed, 49 insertions(+), 25 deletions(-) diff --git a/StdLib/LibC/StdLib/Environs.c b/StdLib/LibC/StdLib/Environs.c index ad56629..e8cfd6d 100644 --- a/StdLib/LibC/StdLib/Environs.c +++ b/StdLib/LibC/StdLib/Environs.c @@ -180,7 +180,7 @@ char *getenv(const char *name) (void)AsciiStrToUnicodeStrS (name, gMD->UString, UNICODE_STRING_MAX); EfiEnv =3D ShellGetEnvironmentVariable(gMD->UString); if(EfiEnv !=3D NULL) { - (void)UnicodeStrToAsciiStrS (EfiEnv, gMD->ASgetenv, UNICODE_STRING_MAX= ); + (void)UnicodeStrToAsciiStrS (EfiEnv, gMD->ASgetenv, ASCII_STRING_MAX); retval =3D gMD->ASgetenv; } =20 diff --git a/StdLib/LibC/StdLib/realpath.c b/StdLib/LibC/StdLib/realpath.c index a8ff1e9..3d4118d 100644 --- a/StdLib/LibC/StdLib/realpath.c +++ b/StdLib/LibC/StdLib/realpath.c @@ -38,7 +38,9 @@ realpath( char *resolved_name ) { - CHAR16 *Temp; + RETURN_STATUS Status; + CHAR16 *Temp; + if (file_name =3D=3D NULL || resolved_name =3D=3D NULL) { errno =3D EINVAL; return (NULL); @@ -48,8 +50,19 @@ realpath( errno =3D ENOMEM; return (NULL); } - AsciiStrToUnicodeStrS (file_name, Temp, UNICODE_STRING_MAX); + Status =3D AsciiStrToUnicodeStrS (file_name, Temp, AsciiStrLen (file_nam= e) + 1); + if (RETURN_ERROR (Status)) { + errno =3D EINVAL; + return NULL; + } + PathCleanUpDirectories(Temp); - UnicodeStrToAsciiStrS (Temp, resolved_name, UNICODE_STRING_MAX); + + Status =3D UnicodeStrToAsciiStrS (Temp, resolved_name, AsciiStrLen (file= _name) + 1); + if (RETURN_ERROR (Status)) { + errno =3D EINVAL; + return NULL; + } + return (resolved_name); } diff --git a/StdLib/LibC/String/Concatenation.c b/StdLib/LibC/String/Concat= enation.c index f78836f..ed13588 100644 --- a/StdLib/LibC/String/Concatenation.c +++ b/StdLib/LibC/String/Concatenation.c @@ -29,7 +29,7 @@ char * strcat(char * __restrict s1, const char * __restrict s2) { - AsciiStrCatS (s1, UNICODE_STRING_MAX, s2); + AsciiStrCatS (s1, AsciiStrLen (s1) + AsciiStrLen(s2) + 1, s2); return s1; } =20 @@ -45,7 +45,7 @@ strcat(char * __restrict s1, const char * __restrict s2) char * strncat(char * __restrict s1, const char * __restrict s2, size_t n) { - AsciiStrnCatS (s1, UNICODE_STRING_MAX, s2, n); + AsciiStrnCatS (s1, AsciiStrLen (s1) + 1 + (UINTN)n, s2, n); return s1; } =20 diff --git a/StdLib/LibC/String/Copying.c b/StdLib/LibC/String/Copying.c index cc2077a..c296714 100644 --- a/StdLib/LibC/String/Copying.c +++ b/StdLib/LibC/String/Copying.c @@ -16,7 +16,6 @@ =20 #include =20 -#include #include #include =20 @@ -74,7 +73,7 @@ strcpy(char * __restrict s1, const char * __restrict s2) =20 //while ( *s1++ =3D *s2++) /* Empty Body */; //return(s1ret); - AsciiStrCpyS (s1, UNICODE_STRING_MAX, s2); + AsciiStrCpyS (s1, AsciiStrLen (s2) + 1, s2); return s1; } =20 @@ -91,7 +90,7 @@ strcpy(char * __restrict s1, const char * __restrict s2) **/ char *strncpy(char * __restrict s1, const char * __restrict s2, size_t= n) { - AsciiStrnCpyS (s1, UNICODE_STRING_MAX, s2, n); + AsciiStrnCpyS (s1, n, s2, n); return s1; //char *dest =3D s1; =20 diff --git a/StdLib/LibC/Uefi/Devices/Utility/Path.c b/StdLib/LibC/Uefi/Dev= ices/Utility/Path.c index fe19196..be315bf 100644 --- a/StdLib/LibC/Uefi/Devices/Utility/Path.c +++ b/StdLib/LibC/Uefi/Devices/Utility/Path.c @@ -105,12 +105,17 @@ ClassifyPath( wchar_t * NormalizePath( const char *path) { - wchar_t *temp; - wchar_t *OldPath; - wchar_t *NewPath; - size_t Length; - - AsciiStrToUnicodeStrS (path, gMD->UString, UNICODE_STRING_MAX); + RETURN_STATUS Status; + wchar_t *temp; + wchar_t *OldPath; + wchar_t *NewPath; + size_t Length; + + Status =3D AsciiStrToUnicodeStrS (path, gMD->UString, UNICODE_STRING_MAX= ); + if (RETURN_ERROR (Status)) { + errno =3D EINVAL; + EFIerrno =3D Status; + } OldPath =3D gMD->UString; Length =3D wcslen(OldPath) + 1; =20 diff --git a/StdLib/LibC/Uefi/SysCalls.c b/StdLib/LibC/Uefi/SysCalls.c index e83b723..0c8dcc1 100644 --- a/StdLib/LibC/Uefi/SysCalls.c +++ b/StdLib/LibC/Uefi/SysCalls.c @@ -1304,7 +1304,8 @@ write (int fd, const void *buf, size_t nbyte) char *getcwd (char *buf, size_t size) { - CONST CHAR16 *Cwd; + RETURN_STATUS Status; + CONST CHAR16 *Cwd; =20 if (size =3D=3D 0 || buf =3D=3D NULL) { errno =3D EINVAL; @@ -1320,7 +1321,10 @@ char errno =3D ERANGE; return (NULL); } - UnicodeStrToAsciiStrS (Cwd, buf, UNICODE_STRING_MAX); + Status =3D UnicodeStrToAsciiStrS (Cwd, buf, size); + if (RETURN_ERROR (Status)) { + return NULL; + } return buf; } =20 diff --git a/StdLib/LibC/Wchar/Concatenation.c b/StdLib/LibC/Wchar/Concaten= ation.c index 7289240..288e1d6 100644 --- a/StdLib/LibC/Wchar/Concatenation.c +++ b/StdLib/LibC/Wchar/Concatenation.c @@ -31,7 +31,7 @@ **/ wchar_t *wcscat(wchar_t * __restrict s1, const wchar_t * __restrict s2) { - StrCatS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHAR16 *)s2); + StrCatS ((CHAR16 *)s1, StrLen (s1) + StrLen (s2) + 1, (CONST CHAR16 *)s2= ); return s1; } =20 @@ -45,6 +45,6 @@ wchar_t *wcscat(wchar_t * __restrict s1, const wchar_t * = __restrict s2) **/ wchar_t *wcsncat(wchar_t * __restrict s1, const wchar_t * __restrict s2, s= ize_t n) { - StrnCatS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHAR16 *)s2, (UINTN)n= ); + StrnCatS ((CHAR16 *)s1, StrLen (s1) + 1 + (UINTN)n, (CONST CHAR16 *)s2, = (UINTN)n); return s1; } diff --git a/StdLib/LibC/Wchar/Copying.c b/StdLib/LibC/Wchar/Copying.c index 848c834..45ceda7 100644 --- a/StdLib/LibC/Wchar/Copying.c +++ b/StdLib/LibC/Wchar/Copying.c @@ -29,7 +29,7 @@ **/ wchar_t *wcscpy(wchar_t * __restrict s1, const wchar_t * __restrict s2) { - return (wchar_t *)StrCpyS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHAR= 16 *)s2); + return (wchar_t *)StrCpyS ((CHAR16 *)s1, StrLen (s2) + 1, (CONST CHAR16 = *)s2); } =20 /** The wcsncpy function copies not more than n wide characters (those that @@ -44,7 +44,7 @@ wchar_t *wcscpy(wchar_t * __restrict s1, const wchar_t * = __restrict s2) **/ wchar_t *wcsncpy(wchar_t * __restrict s1, const wchar_t * __restrict s2, s= ize_t n) { - return (wchar_t *)StrnCpyS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHA= R16 *)s2, (UINTN)n); + return (wchar_t *)StrnCpyS ((CHAR16 *)s1, (UINTN)n, (CONST CHAR16 *)s2, = (UINTN)n); } =20 /** The wmemcpy function copies n wide characters from the object pointed = to by diff --git a/StdLib/PosixLib/GetPass/GetPass.c b/StdLib/PosixLib/GetPass/Ge= tPass.c index 8657827..f14c59e 100644 --- a/StdLib/PosixLib/GetPass/GetPass.c +++ b/StdLib/PosixLib/GetPass/GetPass.c @@ -15,14 +15,14 @@ #include #include #include -#include =20 static CHAR8 *ReturnStringAscii =3D NULL; =20 char *getpass(const char *Prompt) { - BOOLEAN Ascii; - CHAR16 *ReturnString; + RETURN_STATUS Status; + BOOLEAN Ascii; + CHAR16 *ReturnString; =20 Ascii =3D FALSE; =20 @@ -38,7 +38,10 @@ char *getpass(const char *Prompt) return (NULL); } =20 - UnicodeStrToAsciiStrS(ReturnString, ReturnStringAscii, UNICODE_STRING_MA= X); + Status =3D UnicodeStrToAsciiStrS(ReturnString, ReturnStringAscii, StrLen= (ReturnString) + 1); + if (RETURN_ERROR (Status)) { + ReturnStringAscii =3D NULL; + } =20 FreePool(ReturnString); =20 --=20 2.32.0.windows.1 -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#80028): https://edk2.groups.io/g/devel/message/80028 Mute This Topic: https://groups.io/mt/85287406/1787277 Group Owner: devel+owner@edk2.groups.io Unsubscribe: https://edk2.groups.io/g/devel/unsub [importer@patchew.org] -=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-=3D-