From 310908760f5314c4a6d421ebcc6e1370bd2a1177 Mon Sep 17 00:00:00 2001 From: Ard Biesheuvel Date: Mon, 24 Oct 2016 18:29:35 +0100 Subject: [PATCH] EmbeddedPkg/AndroidFastboot: eliminate deprecated string function calls Get rid of calls to unsafe string functions. These are deprecated and may be removed in the future. Note that this also addresses a latent potential issue in HandleDownload(), where NumBytesString[] (which comes from the wire) is assumed to contain a string representation of a number with all the significant digits in the first 8 bytes, which is not guaranteed by the protocol. Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Ard Biesheuvel Reviewed-by: Laszlo Ersek Reviewed-by: Leif Lindholm --- .../Application/AndroidFastboot/AndroidBootImg.c | 3 ++- .../Application/AndroidFastboot/AndroidFastbootApp.c | 11 ++++++----- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c b/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c index bbca90fc08..f3e770bcc9 100644 --- a/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c +++ b/EmbeddedPkg/Application/AndroidFastboot/AndroidBootImg.c @@ -84,7 +84,8 @@ ParseAndroidBootImg ( + ALIGN_VALUE (Header->KernelSize, Header->PageSize)); } - AsciiStrnCpy (KernelArgs, Header->KernelArgs, BOOTIMG_KERNEL_ARGS_SIZE); + AsciiStrnCpyS (KernelArgs, BOOTIMG_KERNEL_ARGS_SIZE, Header->KernelArgs, + BOOTIMG_KERNEL_ARGS_SIZE); return EFI_SUCCESS; } diff --git a/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c b/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c index 9ddc34f57c..c5e8a7e34a 100644 --- a/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c +++ b/EmbeddedPkg/Application/AndroidFastboot/AndroidFastbootApp.c @@ -99,7 +99,7 @@ HandleDownload ( IN CHAR8 *NumBytesString ) { - CHAR8 Response[12] = "DATA"; + CHAR8 Response[13]; CHAR16 OutputString[FASTBOOT_STRING_MAX_LENGTH]; // Argument is 8-character ASCII string hex representation of number of bytes @@ -127,8 +127,10 @@ HandleDownload ( if (mDataBuffer == NULL) { SEND_LITERAL ("FAILNot enough memory"); } else { - AsciiStrnCpy (Response + 4, NumBytesString, 8); - mTransport->Send (sizeof(Response), Response, &mFatalSendErrorEvent); + ZeroMem (Response, sizeof Response); + AsciiSPrint (Response, sizeof Response, "DATA%x", + (UINT32)mNumDataBytes); + mTransport->Send (sizeof Response - 1, Response, &mFatalSendErrorEvent); mState = ExpectDataState; mBytesReceivedSoFar = 0; @@ -257,8 +259,7 @@ AcceptCmd ( } // Commands aren't null-terminated. Let's get a null-terminated version. - AsciiStrnCpy (Command, Data, Size); - Command[Size] = '\0'; + AsciiStrnCpyS (Command, sizeof Command, Data, Size); // Parse command if (MATCH_CMD_LITERAL ("getvar", Command)) {