sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

ShellPkg: Use safe string functions to refine code.

Browse Source 
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Qiu Shumin <shumin.qiu@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>


git-svn-id: https://svn.code.sf.net/p/edk2/code/trunk/edk2@17730 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
Qiu Shumin
2015-06-30 03:18:31 +00:00
committed by shenshushi
parent cb9a7ebabc
commit e75390f029
18 changed files with 195 additions and 120 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
ShellPkg/Application/Shell/FileHandleWrappers.c
View File

@@ -2,7 +2,7 @@
EFI_FILE_PROTOCOL wrappers for other items (Like Environment Variables,
StdIn, StdOut, StdErr, etc...).
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
(C) Copyright 2013 Hewlett-Packard Development Company, L.P.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
@@ -509,19 +509,23 @@ FileInterfaceStdInRead(
if (StrStr(CurrentString + TabPos, L":") == NULL) {
Cwd = ShellInfoObject.NewEfiShellProtocol->GetCurDir(NULL);
if (Cwd != NULL) {
StrnCpy(TabStr, Cwd, (*BufferSize)/sizeof(CHAR16) - 1);
StrCpyS(TabStr, (*BufferSize)/sizeof(CHAR16), Cwd);
if (TabStr[StrLen(TabStr)-1] == L'\\' && *(CurrentString + TabPos) == L'\\' ) {
TabStr[StrLen(TabStr)-1] = CHAR_NULL;
}
StrnCat(TabStr, CurrentString + TabPos, (StringLen - TabPos) * sizeof (CHAR16));
StrnCatS( TabStr,
(*BufferSize)/sizeof(CHAR16),
CurrentString + TabPos,
(StringLen - TabPos) * sizeof (CHAR16)
);
} else {
*TabStr = CHAR_NULL;
StrnCat(TabStr, CurrentString + TabPos, (StringLen - TabPos) * sizeof (CHAR16));
StrnCatS(TabStr, (*BufferSize)/sizeof(CHAR16), CurrentString + TabPos, (StringLen - TabPos) * sizeof (CHAR16));
}
} else {
StrnCpy(TabStr, CurrentString + TabPos, (*BufferSize)/sizeof(CHAR16) - 1);
StrCpyS(TabStr, (*BufferSize)/sizeof(CHAR16), CurrentString + TabPos);
}
StrnCat(TabStr, L"*", (*BufferSize)/sizeof(CHAR16) - 1 - StrLen(TabStr));
StrnCatS(TabStr, (*BufferSize)/sizeof(CHAR16), L"*", (*BufferSize)/sizeof(CHAR16) - 1 - StrLen(TabStr));
FoundFileList = NULL;
Status = ShellInfoObject.NewEfiShellProtocol->FindFiles(TabStr, &FoundFileList);
for ( TempStr = CurrentString

50
ShellPkg/Application/Shell/Shell.c
View File

@@ -1079,10 +1079,10 @@ DoStartupScript(
if (FileStringPath == NULL) {
return (EFI_OUT_OF_RESOURCES);
}
StrnCpy(FileStringPath, ShellInfoObject.ShellInitSettings.FileName, NewSize/sizeof(CHAR16) -1);
StrCpyS(FileStringPath, NewSize/sizeof(CHAR16), ShellInfoObject.ShellInitSettings.FileName);
if (ShellInfoObject.ShellInitSettings.FileOptions != NULL) {
StrnCat(FileStringPath, L" ", NewSize/sizeof(CHAR16) - StrLen(FileStringPath) -1);
StrnCat(FileStringPath, ShellInfoObject.ShellInitSettings.FileOptions, NewSize/sizeof(CHAR16) - StrLen(FileStringPath) -1);
StrnCatS(FileStringPath, NewSize/sizeof(CHAR16), L" ", NewSize/sizeof(CHAR16) - StrLen(FileStringPath) -1);
StrnCatS(FileStringPath, NewSize/sizeof(CHAR16), ShellInfoObject.ShellInitSettings.FileOptions, NewSize/sizeof(CHAR16) - StrLen(FileStringPath) -1);
}
Status = RunCommand(FileStringPath);
FreePool(FileStringPath);
@@ -1488,11 +1488,20 @@ ShellConvertVariables (
; MasterEnvList != NULL && *MasterEnvList != CHAR_NULL
; MasterEnvList += StrLen(MasterEnvList) + 1
){
StrnCpy(ItemTemp, L"%", ((ItemSize+(2*sizeof(CHAR16)))/sizeof(CHAR16))-1);
StrnCat(ItemTemp, MasterEnvList, ((ItemSize+(2*sizeof(CHAR16)))/sizeof(CHAR16))-1 - StrLen(ItemTemp));
StrnCat(ItemTemp, L"%", ((ItemSize+(2*sizeof(CHAR16)))/sizeof(CHAR16))-1 - StrLen(ItemTemp));
StrCpyS( ItemTemp,
((ItemSize+(2*sizeof(CHAR16)))/sizeof(CHAR16)),
L"%"
);
StrCatS( ItemTemp,
((ItemSize+(2*sizeof(CHAR16)))/sizeof(CHAR16)),
MasterEnvList
);
StrCatS( ItemTemp,
((ItemSize+(2*sizeof(CHAR16)))/sizeof(CHAR16)),
L"%"
);
ShellCopySearchAndReplace(NewCommandLine1, NewCommandLine2, NewSize, ItemTemp, EfiShellGetEnv(MasterEnvList), TRUE, FALSE);
StrnCpy(NewCommandLine1, NewCommandLine2, NewSize/sizeof(CHAR16)-1);
StrCpyS(NewCommandLine1, NewSize/sizeof(CHAR16), NewCommandLine2);
}
if (CurrentScriptFile != NULL) {
for (AliasListNode = (ALIAS_LIST*)GetFirstNode(&CurrentScriptFile->SubstList)
@@ -1500,7 +1509,7 @@ ShellConvertVariables (
; AliasListNode = (ALIAS_LIST*)GetNextNode(&CurrentScriptFile->SubstList, &AliasListNode->Link)
){
ShellCopySearchAndReplace(NewCommandLine1, NewCommandLine2, NewSize, AliasListNode->Alias, AliasListNode->CommandString, TRUE, FALSE);
StrnCpy(NewCommandLine1, NewCommandLine2, NewSize/sizeof(CHAR16)-1);
StrCpyS(NewCommandLine1, NewSize/sizeof(CHAR16), NewCommandLine2);
}
}
@@ -1513,7 +1522,7 @@ ShellConvertVariables (
// Now cleanup any straggler intentionally ignored "%" characters
//
ShellCopySearchAndReplace(NewCommandLine1, NewCommandLine2, NewSize, L"^%", L"%", TRUE, FALSE);
StrnCpy(NewCommandLine1, NewCommandLine2, NewSize/sizeof(CHAR16)-1);
StrCpyS(NewCommandLine1, NewSize/sizeof(CHAR16), NewCommandLine2);
FreePool(NewCommandLine2);
FreePool(ItemTemp);
@@ -1991,6 +2000,7 @@ DoHelpUpdate(
CHAR16 *Walker;
CHAR16 *NewCommandLine;
EFI_STATUS Status;
UINTN NewCmdLineSize;
Status = EFI_SUCCESS;
@@ -2005,7 +2015,8 @@ DoHelpUpdate(
if (StrStr(CurrentParameter, L"-?") == CurrentParameter) {
CurrentParameter[0] = L' ';
CurrentParameter[1] = L' ';
NewCommandLine = AllocateZeroPool(StrSize(L"help ") + StrSize(*CmdLine));
NewCmdLineSize = StrSize(L"help ") + StrSize(*CmdLine);
NewCommandLine = AllocateZeroPool(NewCmdLineSize);
if (NewCommandLine == NULL) {
Status = EFI_OUT_OF_RESOURCES;
break;
@@ -2014,8 +2025,8 @@ DoHelpUpdate(
//
// We know the space is sufficient since we just calculated it.
//
StrnCpy(NewCommandLine, L"help ", 5);
StrnCat(NewCommandLine, *CmdLine, StrLen(*CmdLine));
StrnCpyS(NewCommandLine, NewCmdLineSize/sizeof(CHAR16), L"help ", 5);
StrnCatS(NewCommandLine, NewCmdLineSize/sizeof(CHAR16), *CmdLine, StrLen(*CmdLine));
SHELL_FREE_NON_NULL(*CmdLine);
*CmdLine = NewCommandLine;
break;
@@ -2658,7 +2669,10 @@ RunScriptFileHandle (
; // conditional increment in the body of the loop
){
ASSERT(CommandLine2 != NULL);
StrnCpy(CommandLine2, NewScriptFile->CurrentCommand->Cl, PcdGet16(PcdShellPrintBufferSize)/sizeof(CHAR16)-1);
StrCpyS( CommandLine2,
PcdGet16(PcdShellPrintBufferSize)/sizeof(CHAR16),
NewScriptFile->CurrentCommand->Cl
);
//
// NULL out comments
@@ -2679,7 +2693,10 @@ RunScriptFileHandle (
//
// Due to variability in starting the find and replace action we need to have both buffers the same.
//
StrnCpy(CommandLine, CommandLine2, PcdGet16(PcdShellPrintBufferSize)/sizeof(CHAR16)-1);
StrCpyS( CommandLine,
PcdGet16(PcdShellPrintBufferSize)/sizeof(CHAR16),
CommandLine2
);
//
// Remove the %0 to %9 from the command line (if we have some arguments)
@@ -2731,7 +2748,10 @@ RunScriptFileHandle (
Status = ShellCopySearchAndReplace(CommandLine, CommandLine2, PcdGet16 (PcdShellPrintBufferSize), L"%8", L"\"\"", FALSE, FALSE);
Status = ShellCopySearchAndReplace(CommandLine2, CommandLine, PcdGet16 (PcdShellPrintBufferSize), L"%9", L"\"\"", FALSE, FALSE);
StrnCpy(CommandLine2, CommandLine, PcdGet16(PcdShellPrintBufferSize)/sizeof(CHAR16)-1);
StrCpyS( CommandLine2,
PcdGet16(PcdShellPrintBufferSize)/sizeof(CHAR16),
CommandLine
);
LastCommand = NewScriptFile->CurrentCommand;

5
ShellPkg/Application/Shell/ShellEnvVar.c
View File

@@ -339,7 +339,10 @@ SetEnvironmentVariables(
//
// Copy the string into the Key, leaving the last character allocated as NULL to terminate
//
StrnCpy(Node->Key, CurrentString, StrStr(CurrentString, L"=") - CurrentString);
StrCpyS( Node->Key,
StrStr(CurrentString, L"=") - CurrentString + 1,
CurrentString
);
//
// ValueSize = TotalSize - already removed size - size for '=' + size for terminator (the last 2 items cancel each other)

28
ShellPkg/Application/Shell/ShellManParser.c
View File

@@ -1,7 +1,7 @@
/** @file
Provides interface to shell MAN file parser.
Copyright (c) 2009 - 2014, Intel Corporation. All rights reserved.<BR>
Copyright (c) 2009 - 2015, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -43,8 +43,16 @@ GetManFileName(
} else {
Buffer = AllocateZeroPool(StrSize(ManFileName) + 4*sizeof(CHAR16));
if (Buffer != NULL) {
StrnCpy(Buffer, ManFileName, StrLen(ManFileName));
StrnCat(Buffer, L".man", 4);
StrnCpyS( Buffer,
(StrSize(ManFileName) + 4*sizeof(CHAR16))/sizeof(CHAR16),
ManFileName,
StrLen(ManFileName)
);
StrnCatS( Buffer,
(StrSize(ManFileName) + 4*sizeof(CHAR16))/sizeof(CHAR16),
L".man",
4
);
}
}
return (Buffer);
@@ -392,9 +400,9 @@ ManBufferFindTitleSection(
if (TitleString == NULL) {
return (EFI_OUT_OF_RESOURCES);
}
StrnCpy(TitleString, StartString, TitleLength/sizeof(CHAR16) - 1);
StrnCat(TitleString, Command, TitleLength/sizeof(CHAR16) - 1 - StrLen(TitleString));
StrnCat(TitleString, EndString, TitleLength/sizeof(CHAR16) - 1 - StrLen(TitleString));
StrCpyS(TitleString, TitleLength/sizeof(CHAR16), StartString);
StrCatS(TitleString, TitleLength/sizeof(CHAR16), Command);
StrCatS(TitleString, TitleLength/sizeof(CHAR16), EndString);
CurrentLocation = StrStr(*Buffer, TitleString);
if (CurrentLocation == NULL){
@@ -418,7 +426,7 @@ ManBufferFindTitleSection(
if (*BriefDesc == NULL) {
Status = EFI_OUT_OF_RESOURCES;
} else {
StrnCpy(*BriefDesc, CurrentLocation, TitleEnd-CurrentLocation);
StrnCpyS(*BriefDesc, (*BriefSize)/sizeof(CHAR16), CurrentLocation, TitleEnd-CurrentLocation);
}
}
@@ -495,8 +503,8 @@ ManFileFindTitleSection(
FreePool(ReadLine);
return (EFI_OUT_OF_RESOURCES);
}
StrnCpy(TitleString, L".TH ", TitleSize/sizeof(CHAR16) - 1);
StrnCat(TitleString, Command, TitleSize/sizeof(CHAR16) - 1 - StrLen(TitleString));
StrCpyS(TitleString, TitleSize/sizeof(CHAR16), L".TH ");
StrCatS(TitleString, TitleSize/sizeof(CHAR16), Command);
TitleLen = StrLen(TitleString);
for (;!ShellFileHandleEof(Handle);Size = 1024) {
@@ -532,7 +540,7 @@ ManFileFindTitleSection(
Status = EFI_OUT_OF_RESOURCES;
break;
}
StrnCpy(*BriefDesc, TitleEnd, (*BriefSize)/sizeof(CHAR16) - 1);
StrCpyS(*BriefDesc, (*BriefSize)/sizeof(CHAR16), TitleEnd);
}
break;
}

4
ShellPkg/Application/Shell/ShellParametersProtocol.c
View File

@@ -125,7 +125,7 @@ DEBUG_CODE_END();
return (EFI_NOT_FOUND);
}
StrnCpy(*TempParameter, (*Walker), NextDelim - *Walker);
StrnCpyS(*TempParameter, Length, (*Walker), NextDelim - *Walker);
//
// Add a CHAR_NULL if we didnt get one via the copy
@@ -1012,7 +1012,7 @@ UpdateStdInStdOutStdErr(
//
// re-populate the string to support any filenames that were in quotes.
//
StrnCpy(CommandLineCopy, NewCommandLine, StrLen(NewCommandLine));
StrnCpyS(CommandLineCopy, StrSize(CommandLineCopy)/sizeof(CHAR16), NewCommandLine, StrLen(NewCommandLine));
if (FirstLocation != CommandLineCopy + StrLen(CommandLineCopy)
&& ((UINTN)(FirstLocation - CommandLineCopy) < StrLen(NewCommandLine))

21
ShellPkg/Application/Shell/ShellProtocol.c
View File

@@ -537,12 +537,12 @@ EfiShellGetDevicePathFromFilePath(
if (NewPath == NULL) {
return (NULL);
}
StrnCpy(NewPath, Cwd, Size/sizeof(CHAR16)-1);
StrCpyS(NewPath, Size/sizeof(CHAR16), Cwd);
if (*Path == L'\\') {
Path++;
while (PathRemoveLastItem(NewPath)) ;
}
StrnCat(NewPath, Path, Size/sizeof(CHAR16) - 1 - StrLen(NewPath));
StrCatS(NewPath, Size/sizeof(CHAR16), Path);
DevicePathForReturn = EfiShellGetDevicePathFromFilePath(NewPath);
FreePool(NewPath);
return (DevicePathForReturn);
@@ -2220,7 +2220,7 @@ ShellSearchHandle(
CurrentFilePattern = AllocateZeroPool((NextFilePatternStart-FilePattern+1)*sizeof(CHAR16));
ASSERT(CurrentFilePattern != NULL);
StrnCpy(CurrentFilePattern, FilePattern, NextFilePatternStart-FilePattern);
StrCpyS(CurrentFilePattern, NextFilePatternStart-FilePattern+1, FilePattern);
if (CurrentFilePattern[0] == CHAR_NULL
&&NextFilePatternStart[0] == CHAR_NULL
@@ -2284,8 +2284,8 @@ ShellSearchHandle(
if (NewFullName == NULL) {
Status = EFI_OUT_OF_RESOURCES;
} else {
StrnCpy(NewFullName, MapName, Size/sizeof(CHAR16)-1);
StrnCat(NewFullName, ShellInfoNode->FullName+1, (Size/sizeof(CHAR16))-StrLen(NewFullName)-1);
StrCpyS(NewFullName, Size/sizeof(CHAR16), MapName);
StrCatS(NewFullName, Size/sizeof(CHAR16), ShellInfoNode->FullName+1);
FreePool((VOID*)ShellInfoNode->FullName);
ShellInfoNode->FullName = NewFullName;
}
@@ -2615,7 +2615,10 @@ EfiShellGetEnvEx(
; Node = (ENV_VAR_LIST*)GetNextNode(&List, &Node->Link)
){
ASSERT(Node->Key != NULL);
StrnCpy(CurrentWriteLocation, Node->Key, (Size)/sizeof(CHAR16) - (CurrentWriteLocation - ((CHAR16*)Buffer)) - 1);
StrCpyS( CurrentWriteLocation,
(Size)/sizeof(CHAR16) - (CurrentWriteLocation - ((CHAR16*)Buffer)),
Node->Key
);
CurrentWriteLocation += StrLen(CurrentWriteLocation) + 1;
}
@@ -3046,7 +3049,11 @@ EfiShellGetHelpText(
FixCommand = AllocateZeroPool(StrSize(Command) - 4 * sizeof (CHAR16));
ASSERT(FixCommand != NULL);
StrnCpy(FixCommand, Command, StrLen(Command)-4);
StrnCpyS( FixCommand,
(StrSize(Command) - 4 * sizeof (CHAR16))/sizeof(CHAR16),
Command,
StrLen(Command)-4
);
Status = ProcessManFile(FixCommand, FixCommand, Sections, NULL, HelpText);
FreePool(FixCommand);
return Status;