sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ArmPlatformPkg/Bds: Fixed potential overflow in EditHIInputStr()

Browse Source 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ryan Harkin <ryan.harkin@linaro.org>
Signed-off: Olivier Martin <olivier.martin@arm.com>




git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@14393 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Ryan Harkin 2013-05-29 14:56:35 +00:00 committed by oliviermartin
parent b3a18a1a17
commit 7ff3b9494d
1 changed files with 9 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ArmPlatformPkg/Bds/BdsHelper.c
View File

@ -1,6 +1,6 @@
/** @file /** @file
* *
* Copyright (c) 2011-2012, ARM Limited. All rights reserved. * Copyright (c) 2011-2013, ARM Limited. All rights reserved.
* *
* This program and the accompanying materials * This program and the accompanying materials
* are licensed and made available under the terms and conditions of the BSD License * are licensed and made available under the terms and conditions of the BSD License
@ -26,9 +26,16 @@ EditHIInputStr (
EFI_INPUT_KEY Key; EFI_INPUT_KEY Key;
EFI_STATUS Status; EFI_STATUS Status;
// The command line must be at least one character long
ASSERT (MaxCmdLine > 0);
Print (CmdLine); Print (CmdLine);
for (CmdLineIndex = StrLen (CmdLine); CmdLineIndex < MaxCmdLine; ) { // Ensure the last character of the buffer is the NULL character
CmdLine[MaxCmdLine - 1] = '\0';
// To prevent a buffer overflow, we only allow to enter (MaxCmdLine-1) characters
for (CmdLineIndex = StrLen (CmdLine); CmdLineIndex < MaxCmdLine-1; ) {
Status = gBS->WaitForEvent (1, &gST->ConIn->WaitForKey, &WaitIndex); Status = gBS->WaitForEvent (1, &gST->ConIn->WaitForKey, &WaitIndex);
ASSERT_EFI_ERROR (Status); ASSERT_EFI_ERROR (Status);