MdeModulePkg/UefiHiiLib: Fix incorrect check for string length

REF: https://bugzilla.tianocore.org/show_bug.cgi?id=681 For string opcode,when checking the valid string length, it should exclude the Null-terminated character. And for string in NameValue storage, need to exclude the varname and also need to convert the Config string length to Unicode string length. Cc: Eric Dong <eric.dong@intel.com> Cc: Liming Gao <liming.gao@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Eric Dong <eric.dong@intel.com>
2017-08-29 14:44:37 +08:00 · 2017-08-29 14:44:37 +08:00 · 1696b221b1
parent 2f208e59e4
commit 1696b221b1
1 changed files with 12 additions and 3 deletions
--- a/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
+++ b/MdeModulePkg/Library/UefiHiiLib/HiiLib.c
@ -1607,7 +1607,7 @@ ValidateQuestionFromVfr (
            break;
          }
          //
-          // Get Width by OneOf Flags
+          // Get the Max size of the string.
          //
          Width  = (UINT16) (IfrString->MaxSize * sizeof (UINT16));
          if (NameValueType) {
@ -1621,6 +1621,10 @@ ValidateQuestionFromVfr (
              //
              break;
            }
+            //
+            // Skip the VarName.
+            //
+            StringPtr += StrLen (QuestionName);

            //
            // Skip the "=".
@ -1629,8 +1633,13 @@ ValidateQuestionFromVfr (
            
            //
            // Check current string length is less than maxsize
+            // e.g Config String: "0041004200430044", Unicode String: "ABCD". Unicode String length = Config String length / 4.
+            // Config string format in UEFI spec.
+            // <NvConfig> ::= <Label>'='<String>
+            // <String> ::= [<Char>]+
+            // <Char> ::= <HexCh>4
            //
-            if (StrSize (StringPtr) > Width) {
+            if (StrLen (StringPtr) / 4 > IfrString->MaxSize) {
              return EFI_INVALID_PARAMETER;
            }
          } else {
@ -1660,7 +1669,7 @@ ValidateQuestionFromVfr (
            //
            // Check current string length is less than maxsize
            //
-            if (StrSize ((CHAR16 *) (VarBuffer + Offset)) > Width) {
+            if (StrLen ((CHAR16 *) (VarBuffer + Offset)) > IfrString->MaxSize) {
              return EFI_INVALID_PARAMETER;
            }
          }