Re: [edk2-devel] [edk2-libc PATCH 1/1] Update LibC to use safe string functions

Thu, 12 Aug 2021 19:10:20 -0700 

Reviewed-by: Michael D Kinney <michael.d.kin...@intel.com>


> -----Original Message-----
> From: devel@edk2.groups.io <devel@edk2.groups.io> On Behalf Of Rebecca Cran
> Sent: Monday, June 7, 2021 9:22 AM
> To: devel@edk2.groups.io; Daryl McDaniel <edk2-li...@mc2research.org>; 
> Carsey, Jaben <jaben.car...@intel.com>
> Cc: Rebecca Cran <rebe...@nuviainc.com>
> Subject: [edk2-devel] [edk2-libc PATCH 1/1] Update LibC to use safe string 
> functions
> 
> The insecure string functions such as StrCpy were removed a while ago,
> breaking the StdLib build. Migrate StdLib/LibC to the safe string
> versions.
> 
> Signed-off-by: Rebecca Cran <rebe...@nuviainc.com>
> ---
>  StdLib/LibC/StdLib/Environs.c           | 11 ++++++-----
>  StdLib/LibC/StdLib/realpath.c           |  5 +++--
>  StdLib/LibC/String/Concatenation.c      |  7 +++++--
>  StdLib/LibC/String/Copying.c            |  7 +++++--
>  StdLib/LibC/Uefi/Devices/Utility/Path.c |  3 ++-
>  StdLib/LibC/Uefi/SysCalls.c             |  5 +++--
>  StdLib/LibC/Wchar/Concatenation.c       |  6 ++++--
>  StdLib/LibC/Wchar/Copying.c             |  4 ++--
>  8 files changed, 30 insertions(+), 18 deletions(-)
> 
> diff --git a/StdLib/LibC/StdLib/Environs.c b/StdLib/LibC/StdLib/Environs.c
> index a29cb9954cf9..ad56629554df 100644
> --- a/StdLib/LibC/StdLib/Environs.c
> +++ b/StdLib/LibC/StdLib/Environs.c
> @@ -151,7 +151,7 @@ system(const char *string)
>    if( string == NULL) {
>      return 1;
>    }
> -  (void)AsciiStrToUnicodeStr( string, gMD->UString);
> +  (void)AsciiStrToUnicodeStrS (string, gMD->UString, UNICODE_STRING_MAX);
>    OpStat = ShellExecute( &MyHandle, gMD->UString, FALSE, NULL, &CmdStat);
>    if(OpStat == RETURN_SUCCESS) {
>      EFIerrno = CmdStat;
> @@ -177,10 +177,11 @@ char   *getenv(const char *name)
>    const CHAR16  *EfiEnv;
>    char          *retval = NULL;
> 
> -  (void)AsciiStrToUnicodeStr( name, gMD->UString);
> +  (void)AsciiStrToUnicodeStrS (name, gMD->UString, UNICODE_STRING_MAX);
>    EfiEnv = ShellGetEnvironmentVariable(gMD->UString);
>    if(EfiEnv != NULL) {
> -    retval = UnicodeStrToAsciiStr( EfiEnv, gMD->ASgetenv);
> +    (void)UnicodeStrToAsciiStrS (EfiEnv, gMD->ASgetenv, UNICODE_STRING_MAX);
> +    retval = gMD->ASgetenv;
>    }
> 
>    return retval;
> @@ -238,8 +239,8 @@ setenv (
>      //
>      //  Convert the strings
>      //
> -    AsciiStrToUnicodeStr ( name, UName );
> -    AsciiStrToUnicodeStr ( value, UValue );
> +    AsciiStrToUnicodeStrS (name, UName, UNICODE_STRING_MAX);
> +    AsciiStrToUnicodeStrS (value, UValue, UNICODE_STRING_MAX);
> 
>      //
>      //  Determine if the string is already present
> diff --git a/StdLib/LibC/StdLib/realpath.c b/StdLib/LibC/StdLib/realpath.c
> index 6d75f17a394d..a8ff1e9d5b1d 100644
> --- a/StdLib/LibC/StdLib/realpath.c
> +++ b/StdLib/LibC/StdLib/realpath.c
> @@ -14,6 +14,7 @@
>  #include <Library/BaseLib.h>
>  #include <Library/MemoryAllocationLib.h>
>  #include <errno.h>
> +#include <limits.h>
> 
>  /** The realpath() function shall derive, from the pathname pointed to by
>      file_name, an absolute pathname that names the same file, whose 
> resolution
> @@ -47,8 +48,8 @@ realpath(
>      errno = ENOMEM;
>      return (NULL);
>    }
> -  AsciiStrToUnicodeStr(file_name, Temp);
> +  AsciiStrToUnicodeStrS (file_name, Temp, UNICODE_STRING_MAX);
>    PathCleanUpDirectories(Temp);
> -  UnicodeStrToAsciiStr(Temp, resolved_name);
> +  UnicodeStrToAsciiStrS (Temp, resolved_name, UNICODE_STRING_MAX);
>    return (resolved_name);
>  }
> diff --git a/StdLib/LibC/String/Concatenation.c 
> b/StdLib/LibC/String/Concatenation.c
> index e76bea0bf858..f78836fbe0d6 100644
> --- a/StdLib/LibC/String/Concatenation.c
> +++ b/StdLib/LibC/String/Concatenation.c
> @@ -15,6 +15,7 @@
> 
>  #include  <LibConfig.h>
> 
> +#include <limits.h>
>  #include  <string.h>
> 
>  /** The strcat function appends a copy of the string pointed to by s2
> @@ -28,7 +29,8 @@
>  char *
>  strcat(char * __restrict s1, const char * __restrict s2)
>  {
> -  return AsciiStrCat( s1, s2);
> +  AsciiStrCatS (s1, UNICODE_STRING_MAX, s2);
> +  return s1;
>  }
> 
>  /** The strncat function appends not more than n characters (a null character
> @@ -43,7 +45,8 @@ strcat(char * __restrict s1, const char * __restrict s2)
>  char *
>  strncat(char * __restrict s1, const char * __restrict s2, size_t n)
>  {
> -  return AsciiStrnCat( s1, s2, n);
> +  AsciiStrnCatS (s1, UNICODE_STRING_MAX, s2, n);
> +  return s1;
>  }
> 
>  /** The strncatX function appends not more than n characters (a null 
> character
> diff --git a/StdLib/LibC/String/Copying.c b/StdLib/LibC/String/Copying.c
> index 3234eccf0808..cc2077a5b80a 100644
> --- a/StdLib/LibC/String/Copying.c
> +++ b/StdLib/LibC/String/Copying.c
> @@ -16,6 +16,7 @@
> 
>  #include  <LibConfig.h>
> 
> +#include <limits.h>
>  #include  <stdlib.h>
>  #include  <string.h>
> 
> @@ -73,7 +74,8 @@ strcpy(char * __restrict s1, const char * __restrict s2)
> 
>    //while ( *s1++ = *s2++)  /* Empty Body */;
>    //return(s1ret);
> -  return AsciiStrCpy( s1, s2);
> +  AsciiStrCpyS (s1, UNICODE_STRING_MAX, s2);
> +  return s1;
>  }
> 
>  /** The strncpy function copies not more than n characters (characters that
> @@ -89,7 +91,8 @@ strcpy(char * __restrict s1, const char * __restrict s2)
>  **/
>  char     *strncpy(char * __restrict s1, const char * __restrict s2, size_t n)
>  {
> -  return AsciiStrnCpy( s1, s2, n);
> +  AsciiStrnCpyS (s1, UNICODE_STRING_MAX, s2, n);
> +  return s1;
>    //char *dest = s1;
> 
>    //while(n != 0) {
> diff --git a/StdLib/LibC/Uefi/Devices/Utility/Path.c 
> b/StdLib/LibC/Uefi/Devices/Utility/Path.c
> index 96392e018dac..d6728d3a647e 100644
> --- a/StdLib/LibC/Uefi/Devices/Utility/Path.c
> +++ b/StdLib/LibC/Uefi/Devices/Utility/Path.c
> @@ -110,7 +110,8 @@ NormalizePath( const char *path)
>    wchar_t  *NewPath;
>    size_t    Length;
> 
> -  OldPath = AsciiStrToUnicodeStr(path, gMD->UString);
> +  AsciiStrToUnicodeStrS (path, gMD->UString, UNICODE_STRING_MAX);
> +  OldPath = gMD->UString;
>    Length  = wcslen(OldPath) + 1;
> 
>    NewPath = calloc(Length, sizeof(wchar_t));
> diff --git a/StdLib/LibC/Uefi/SysCalls.c b/StdLib/LibC/Uefi/SysCalls.c
> index faa73ed7a4ee..e83b72308fbe 100644
> --- a/StdLib/LibC/Uefi/SysCalls.c
> +++ b/StdLib/LibC/Uefi/SysCalls.c
> @@ -1320,7 +1320,8 @@ char
>      errno = ERANGE;
>      return (NULL);
>    }
> -  return (UnicodeStrToAsciiStr(Cwd, buf));
> +  UnicodeStrToAsciiStrS (Cwd, buf, UNICODE_STRING_MAX);
> +  return buf;
>  }
> 
>  /** Change the current working directory.
> @@ -1358,7 +1359,7 @@ chdir (const char *path)
>          errno = ENOMEM;
>          return -1;
>        }
> -      AsciiStrToUnicodeStr(path, UnicodePath);
> +      AsciiStrToUnicodeStrS (path, UnicodePath, UNICODE_STRING_MAX);
>        Status = gEfiShellProtocol->SetCurDir(NULL, UnicodePath);
>        FreePool(UnicodePath);
>        if (EFI_ERROR(Status)) {
> diff --git a/StdLib/LibC/Wchar/Concatenation.c 
> b/StdLib/LibC/Wchar/Concatenation.c
> index cf595a461f0e..7289240951aa 100644
> --- a/StdLib/LibC/Wchar/Concatenation.c
> +++ b/StdLib/LibC/Wchar/Concatenation.c
> @@ -31,7 +31,8 @@
>  **/
>  wchar_t *wcscat(wchar_t * __restrict s1, const wchar_t * __restrict s2)
>  {
> -  return (wchar_t *)StrCat( (CHAR16 *)s1, (CONST CHAR16 *)s2);
> +  StrCatS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHAR16 *)s2);
> +  return s1;
>  }
> 
>  /** The wcsncat function appends not more than n wide characters (a null wide
> @@ -44,5 +45,6 @@ wchar_t *wcscat(wchar_t * __restrict s1, const wchar_t * 
> __restrict s2)
>  **/
>  wchar_t *wcsncat(wchar_t * __restrict s1, const wchar_t * __restrict s2, 
> size_t n)
>  {
> -  return (wchar_t *)StrnCat( (CHAR16 *)s1, (CONST CHAR16 *)s2, (UINTN)n);
> +  StrnCatS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHAR16 *)s2, (UINTN)n);
> +  return s1;
>  }
> diff --git a/StdLib/LibC/Wchar/Copying.c b/StdLib/LibC/Wchar/Copying.c
> index 7075437965ad..848c83419ddb 100644
> --- a/StdLib/LibC/Wchar/Copying.c
> +++ b/StdLib/LibC/Wchar/Copying.c
> @@ -29,7 +29,7 @@
>  **/
>  wchar_t *wcscpy(wchar_t * __restrict s1, const wchar_t * __restrict s2)
>  {
> -  return (wchar_t *)StrCpy( (CHAR16 *)s1, (CONST CHAR16 *)s2);
> +  return (wchar_t *)StrCpyS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST CHAR16 
> *)s2);
>  }
> 
>  /** The wcsncpy function copies not more than n wide characters (those that
> @@ -44,7 +44,7 @@ wchar_t *wcscpy(wchar_t * __restrict s1, const wchar_t * 
> __restrict s2)
>  **/
>  wchar_t *wcsncpy(wchar_t * __restrict s1, const wchar_t * __restrict s2, 
> size_t n)
>  {
> -  return (wchar_t *)StrnCpy( (CHAR16 *)s1, (CONST CHAR16 *)s2, (UINTN)n);
> +  return (wchar_t *)StrnCpyS ((CHAR16 *)s1, UNICODE_STRING_MAX, (CONST 
> CHAR16 *)s2, (UINTN)n);
>  }
> 
>  /** The wmemcpy function copies n wide characters from the object pointed to 
> by
> --
> 2.26.2
> 
> 
> 
> 
> 



-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#79226): https://edk2.groups.io/g/devel/message/79226
Mute This Topic: https://groups.io/mt/83374264/21656
Group Owner: devel+ow...@edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [arch...@mail-archive.com]
-=-=-=-=-=-=-=-=-=-=-=-

Reply via email to