Hao Wu
9fdf31789a
MdePkg/BaseLib: Avoid reading content beyond string boundary ...
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=705
As mentioned in the above Bugzilla link by Steven, within the function
PathCleanUpDirectories(), when executing command:
"cd ."
under Shell, the input parameter 'Path' string will have string length
less than 2. Hence, it is possible for the below statement:
"if (StrCmp (Path + StrLen (Path) - 2, L"\\.") == 0) {"
to read contents before the string boundary.
This commit adds additional checks to avoid this.
Cc: Steven Shi <steven.shi@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
2017-09-21 14:06:28 +08:00
2015-12-15 04:53:50 +00:00
2016-06-28 09:51:45 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-10-07 18:05:37 -07:00
2017-09-11 22:28:05 +02:00
2017-09-21 14:06:28 +08:00
2016-12-22 16:17:16 +08:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2016-11-04 09:53:01 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-05-23 10:48:53 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-08-28 16:47:04 +08:00
2017-08-28 16:47:03 +08:00
2015-12-15 04:53:50 +00:00
2017-04-26 08:58:18 +08:00
2017-03-06 14:18:45 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-06-01 08:46:31 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-01-03 12:22:47 +01:00
2015-12-15 04:53:50 +00:00
2017-03-06 14:18:45 +08:00
2017-08-28 16:47:05 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-11-17 17:08:26 -08:00
2015-12-15 04:53:50 +00:00
2017-08-11 08:47:00 +08:00
2015-12-15 04:53:50 +00:00
2016-11-17 09:27:12 +08:00
2015-12-15 04:53:50 +00:00
2016-10-21 16:40:51 +08:00
2017-01-20 15:39:23 +08:00
2017-07-18 10:35:36 +08:00
2017-01-20 15:40:59 +08:00
2017-01-17 10:11:20 +08:00
2015-12-15 04:53:50 +00:00
2016-05-23 10:48:53 +08:00
2016-10-21 16:40:51 +08:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-05-08 08:57:03 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-09-06 10:43:53 +08:00
2015-12-15 04:53:50 +00:00
2016-07-29 09:18:12 +08:00
2016-10-21 16:40:51 +08:00
2016-11-17 09:27:12 +08:00
2017-01-17 10:11:14 +08:00
2017-09-04 13:45:47 +08:00
2016-12-22 16:17:16 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2016-05-23 10:48:53 +08:00
2016-10-21 16:40:51 +08:00
2017-08-28 16:47:03 +08:00
2015-12-15 04:53:50 +00:00
2017-09-04 13:45:46 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-03-13 16:04:11 +08:00
2017-06-06 09:07:10 +08:00
2017-01-20 15:40:59 +08:00
2015-12-15 04:53:50 +00:00
2017-06-06 09:07:09 +08:00
2017-03-06 14:18:45 +08:00
2016-09-27 11:01:23 +08:00
2016-10-21 16:40:51 +08:00
2016-10-21 16:40:51 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2017-08-14 13:18:23 +08:00
2016-11-09 17:49:15 +08:00
2015-12-15 04:53:50 +00:00
2017-01-12 21:26:26 +08:00
2017-04-14 13:16:05 +08:00
2017-03-06 14:18:45 +08:00
2016-12-22 16:17:16 +08:00
2015-12-15 04:53:50 +00:00
2016-10-21 16:40:51 +08:00
2017-08-28 16:47:03 +08:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-15 04:53:50 +00:00
2015-12-22 13:58:09 +00:00
2016-10-07 18:05:37 -07:00
9fdf31789a