MdePkg/BasePrintLib: Add safe print functions [A|U]ValueToStringS

Add the following 2 APIs:
UnicodeValueToStringS
AsciiValueToStringS

These safe version APIs are used to enhance their counterpart (APIs
without trailing 'S' in function names).

They perform checks to the input parameters and will return relative
status to reflect the check result.

Return RETURN_INVALID_PARAMETER when:
1). The input Buffer is NULL.
2). The input BufferSize is greater than (PcdMaximumUnicodeStringLength *
sizeof (CHAR16) + 1) for UnicodeValueToStringS or greater than
PcdMaximumAsciiStringLength for AsciiValueToStringS.
3). The input Flags is not set properly.
4). The input Width is not smaller than MAXIMUM_VALUE_CHARACTERS.

Return RETURN_BUFFER_TOO_SMALL when:
1). The input BufferSize cannot hold the converted value.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This commit is contained in:
Hao Wu
2016-12-23 14:34:26 +08:00
parent 0b6642e60e
commit 51f0ceb4eb
4 changed files with 514 additions and 0 deletions

View File

@@ -291,6 +291,210 @@ BasePrintLibConvertValueToString (
return ((Buffer - OriginalBuffer) / Increment);
}
/**
Internal function that converts a decimal value to a Null-terminated string.
Converts the decimal number specified by Value to a Null-terminated string
specified by Buffer containing at most Width characters. If Width is 0 then a
width of MAXIMUM_VALUE_CHARACTERS is assumed. If the conversion contains more
than Width characters, then only the first Width characters are placed in
Buffer. Additional conversion parameters are specified in Flags.
The Flags bit LEFT_JUSTIFY is always ignored.
All conversions are left justified in Buffer.
If Width is 0, PREFIX_ZERO is ignored in Flags.
If COMMA_TYPE is set in Flags, then PREFIX_ZERO is ignored in Flags, and
commas are inserted every 3rd digit starting from the right.
If Value is < 0, then the fist character in Buffer is a '-'.
If PREFIX_ZERO is set in Flags and PREFIX_ZERO is not being ignored,
then Buffer is padded with '0' characters so the combination of the optional
'-' sign character, '0' characters, digit characters for Value, and the
Null-terminator add up to Width characters.
If an error would be returned, the function will ASSERT().
@param Buffer The pointer to the output buffer for the produced
Null-terminated string.
@param BufferSize The size of Buffer in bytes, including the
Null-terminator.
@param Flags The bitmask of flags that specify left justification,
zero pad, and commas.
@param Value The 64-bit signed value to convert to a string.
@param Width The maximum number of characters to place in Buffer,
not including the Null-terminator.
@param Increment The character increment in Buffer.
@retval RETURN_SUCCESS The decimal value is converted.
@retval RETURN_BUFFER_TOO_SMALL If BufferSize cannot hold the converted
value.
@retval RETURN_INVALID_PARAMETER If Buffer is NULL.
If Increment is 1 and
PcdMaximumAsciiStringLength is not zero,
BufferSize is greater than
PcdMaximumAsciiStringLength.
If Increment is not 1 and
PcdMaximumUnicodeStringLength is not zero,
BufferSize is greater than
(PcdMaximumUnicodeStringLength *
sizeof (CHAR16) + 1).
If unsupported bits are set in Flags.
If both COMMA_TYPE and RADIX_HEX are set in
Flags.
If Width >= MAXIMUM_VALUE_CHARACTERS.
**/
RETURN_STATUS
BasePrintLibConvertValueToStringS (
IN OUT CHAR8 *Buffer,
IN UINTN BufferSize,
IN UINTN Flags,
IN INT64 Value,
IN UINTN Width,
IN UINTN Increment
)
{
CHAR8 *EndBuffer;
CHAR8 ValueBuffer[MAXIMUM_VALUE_CHARACTERS];
CHAR8 *ValueBufferPtr;
UINTN Count;
UINTN Digits;
UINTN Index;
UINTN Radix;
//
// 1. Buffer shall not be a null pointer.
//
SAFE_PRINT_CONSTRAINT_CHECK ((Buffer != NULL), RETURN_INVALID_PARAMETER);
//
// 2. BufferSize shall not be greater than (RSIZE_MAX * sizeof (CHAR16)) for
// Unicode output string or shall not be greater than ASCII_RSIZE_MAX for
// Ascii output string.
//
if (Increment == 1) {
//
// Ascii output string
//
if (ASCII_RSIZE_MAX != 0) {
SAFE_PRINT_CONSTRAINT_CHECK ((BufferSize <= ASCII_RSIZE_MAX), RETURN_INVALID_PARAMETER);
}
} else {
//
// Unicode output string
//
if (RSIZE_MAX != 0) {
SAFE_PRINT_CONSTRAINT_CHECK ((BufferSize <= RSIZE_MAX * sizeof (CHAR16) + 1), RETURN_INVALID_PARAMETER);
}
}
//
// 3. Flags shall be set properly.
//
SAFE_PRINT_CONSTRAINT_CHECK (((Flags & ~(LEFT_JUSTIFY | COMMA_TYPE | PREFIX_ZERO | RADIX_HEX)) == 0), RETURN_INVALID_PARAMETER);
SAFE_PRINT_CONSTRAINT_CHECK ((((Flags & COMMA_TYPE) == 0) || ((Flags & RADIX_HEX) == 0)), RETURN_INVALID_PARAMETER);
//
// 4. Width shall be smaller than MAXIMUM_VALUE_CHARACTERS.
//
SAFE_PRINT_CONSTRAINT_CHECK ((Width < MAXIMUM_VALUE_CHARACTERS), RETURN_INVALID_PARAMETER);
//
// Width is 0 or COMMA_TYPE is set, PREFIX_ZERO is ignored.
//
if (Width == 0 || (Flags & COMMA_TYPE) != 0) {
Flags &= ~((UINTN) PREFIX_ZERO);
}
//
// If Width is 0 then a width of MAXIMUM_VALUE_CHARACTERS is assumed.
//
if (Width == 0) {
Width = MAXIMUM_VALUE_CHARACTERS - 1;
}
//
// Count the characters of the output string.
//
Count = 0;
Radix = ((Flags & RADIX_HEX) == 0)? 10 : 16;
if ((Flags & PREFIX_ZERO) != 0) {
Count = Width;
} else {
if ((Value < 0) && ((Flags & RADIX_HEX) == 0)) {
Count++; // minus sign
ValueBufferPtr = BasePrintLibValueToString (ValueBuffer, -Value, Radix);
} else {
ValueBufferPtr = BasePrintLibValueToString (ValueBuffer, Value, Radix);
}
Digits = ValueBufferPtr - ValueBuffer;
Count += Digits;
if ((Flags & COMMA_TYPE) != 0) {
Count += (Digits - 1) / 3; // commas
}
}
Width = MIN (Count, Width);
//
// 5. BufferSize shall be large enough to hold the converted string.
//
SAFE_PRINT_CONSTRAINT_CHECK ((BufferSize >= (Width + 1) * Increment), RETURN_BUFFER_TOO_SMALL);
//
// Set the tag for the end of the input Buffer.
//
EndBuffer = Buffer + Width * Increment;
//
// Convert decimal negative
//
if ((Value < 0) && ((Flags & RADIX_HEX) == 0)) {
Value = -Value;
Buffer = BasePrintLibFillBuffer (Buffer, EndBuffer, 1, '-', Increment);
Width--;
}
//
// Count the length of the value string.
//
ValueBufferPtr = BasePrintLibValueToString (ValueBuffer, Value, Radix);
Count = ValueBufferPtr - ValueBuffer;
//
// Append Zero
//
if ((Flags & PREFIX_ZERO) != 0) {
Buffer = BasePrintLibFillBuffer (Buffer, EndBuffer, Width - Count, '0', Increment);
}
//
// Print Comma type for every 3 characters
//
Digits = Count % 3;
if (Digits != 0) {
Digits = 3 - Digits;
}
for (Index = 0; Index < Count; Index++) {
Buffer = BasePrintLibFillBuffer (Buffer, EndBuffer, 1, *ValueBufferPtr--, Increment);
if ((Flags & COMMA_TYPE) != 0) {
Digits++;
if (Digits == 3) {
Digits = 0;
if ((Index + 1) < Count) {
Buffer = BasePrintLibFillBuffer (Buffer, EndBuffer, 1, ',', Increment);
}
}
}
}
//
// Print Null-terminator
//
BasePrintLibFillBuffer (Buffer, EndBuffer + Increment, 1, 0, Increment);
return RETURN_SUCCESS;
}
/**
Worker function that produces a Null-terminated string in an output buffer
based on a Null-terminated format string and a VA_LIST argument list.