MdePkg/BaseLib: Add 2 more safe string functions.

Add UnicodeStrToAsciiStrS() and AsciiStrToUnicodeStrS() API.
These 2 safe version APIs are used to replace UnicodeStrToAsciiStr() and
AsciiStrToUnicodeStr() API.

The safe version string convert APIs use similar check as StrCpyS().

Cc: Liming Gao <Liming.Gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Jiewen Yao <Jiewen.Yao@intel.com>
Reviewed-by: Liming Gao <Liming.Gao@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
This commit is contained in:
Jiewen Yao 2016-06-02 22:38:23 +08:00
parent d3858e1006
commit 3ab41b7a32
2 changed files with 288 additions and 2 deletions

View File

@ -2,7 +2,7 @@
Provides string functions, linked list functions, math functions, synchronization Provides string functions, linked list functions, math functions, synchronization
functions, file path functions, and CPU architecture-specific functions. functions, file path functions, and CPU architecture-specific functions.
Copyright (c) 2006 - 2015, Intel Corporation. All rights reserved.<BR> Copyright (c) 2006 - 2016, Intel Corporation. All rights reserved.<BR>
Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR> Portions copyright (c) 2008 - 2009, Apple Inc. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
@ -1060,6 +1060,54 @@ UnicodeStrToAsciiStr (
OUT CHAR8 *Destination OUT CHAR8 *Destination
); );
/**
Convert a Null-terminated Unicode string to a Null-terminated
ASCII string.
This function is similar to AsciiStrCpyS.
This function converts the content of the Unicode string Source
to the ASCII string Destination by copying the lower 8 bits of
each Unicode character. The function terminates the ASCII string
Destination by appending a Null-terminator character at the end.
The caller is responsible to make sure Destination points to a buffer with size
equal or greater than ((StrLen (Source) + 1) * sizeof (CHAR8)) in bytes.
If any Unicode characters in Source contain non-zero value in
the upper 8 bits, then ASSERT().
If Source is not aligned on a 16-bit boundary, then ASSERT().
If an error would be returned, then the function will also ASSERT().
If an error is returned, then the Destination is unmodified.
@param Source The pointer to a Null-terminated Unicode string.
@param Destination The pointer to a Null-terminated ASCII string.
@param DestMax The maximum number of Destination Ascii
char, including terminating null char.
@retval RETURN_SUCCESS String is converted.
@retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than StrLen(Source).
@retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL.
If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than
PcdMaximumAsciiStringLength.
If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than
PcdMaximumUnicodeStringLength.
If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap.
**/
RETURN_STATUS
EFIAPI
UnicodeStrToAsciiStrS (
IN CONST CHAR16 *Source,
OUT CHAR8 *Destination,
IN UINTN DestMax
);
#ifndef DISABLE_NEW_DEPRECATED_INTERFACES #ifndef DISABLE_NEW_DEPRECATED_INTERFACES
@ -1598,6 +1646,50 @@ AsciiStrToUnicodeStr (
OUT CHAR16 *Destination OUT CHAR16 *Destination
); );
/**
Convert one Null-terminated ASCII string to a Null-terminated
Unicode string.
This function is similar to StrCpyS.
This function converts the contents of the ASCII string Source to the Unicode
string Destination. The function terminates the Unicode string Destination by
appending a Null-terminator character at the end.
The caller is responsible to make sure Destination points to a buffer with size
equal or greater than ((AsciiStrLen (Source) + 1) * sizeof (CHAR16)) in bytes.
If Destination is not aligned on a 16-bit boundary, then ASSERT().
If an error would be returned, then the function will also ASSERT().
If an error is returned, then the Destination is unmodified.
@param Source The pointer to a Null-terminated ASCII string.
@param Destination The pointer to a Null-terminated Unicode string.
@param DestMax The maximum number of Destination Unicode
char, including terminating null char.
@retval RETURN_SUCCESS String is converted.
@retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than StrLen(Source).
@retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL.
If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than
PcdMaximumUnicodeStringLength.
If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than
PcdMaximumAsciiStringLength.
If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap.
**/
RETURN_STATUS
EFIAPI
AsciiStrToUnicodeStrS (
IN CONST CHAR8 *Source,
OUT CHAR16 *Destination,
IN UINTN DestMax
);
/** /**
Converts an 8-bit value to an 8-bit BCD value. Converts an 8-bit value to an 8-bit BCD value.

View File

@ -1,7 +1,7 @@
/** @file /** @file
Safe String functions. Safe String functions.
Copyright (c) 2014, Intel Corporation. All rights reserved.<BR> Copyright (c) 2014 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at which accompanies this distribution. The full text of the license may be found at
@ -942,3 +942,197 @@ AsciiStrnCatS (
return RETURN_SUCCESS; return RETURN_SUCCESS;
} }
/**
Convert a Null-terminated Unicode string to a Null-terminated
ASCII string.
This function is similar to AsciiStrCpyS.
This function converts the content of the Unicode string Source
to the ASCII string Destination by copying the lower 8 bits of
each Unicode character. The function terminates the ASCII string
Destination by appending a Null-terminator character at the end.
The caller is responsible to make sure Destination points to a buffer with size
equal or greater than ((StrLen (Source) + 1) * sizeof (CHAR8)) in bytes.
If any Unicode characters in Source contain non-zero value in
the upper 8 bits, then ASSERT().
If Source is not aligned on a 16-bit boundary, then ASSERT().
If an error would be returned, then the function will also ASSERT().
If an error is returned, then the Destination is unmodified.
@param Source The pointer to a Null-terminated Unicode string.
@param Destination The pointer to a Null-terminated ASCII string.
@param DestMax The maximum number of Destination Ascii
char, including terminating null char.
@retval RETURN_SUCCESS String is converted.
@retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than StrLen(Source).
@retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL.
If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than
PcdMaximumAsciiStringLength.
If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than
PcdMaximumUnicodeStringLength.
If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap.
**/
RETURN_STATUS
EFIAPI
UnicodeStrToAsciiStrS (
IN CONST CHAR16 *Source,
OUT CHAR8 *Destination,
IN UINTN DestMax
)
{
UINTN SourceLen;
ASSERT (((UINTN) Source & BIT0) == 0);
//
// 1. Neither Destination nor Source shall be a null pointer.
//
SAFE_STRING_CONSTRAINT_CHECK ((Destination != NULL), RETURN_INVALID_PARAMETER);
SAFE_STRING_CONSTRAINT_CHECK ((Source != NULL), RETURN_INVALID_PARAMETER);
//
// 2. DestMax shall not be greater than ASCII_RSIZE_MAX or RSIZE_MAX.
//
if (ASCII_RSIZE_MAX != 0) {
SAFE_STRING_CONSTRAINT_CHECK ((DestMax <= ASCII_RSIZE_MAX), RETURN_INVALID_PARAMETER);
}
if (RSIZE_MAX != 0) {
SAFE_STRING_CONSTRAINT_CHECK ((DestMax <= RSIZE_MAX), RETURN_INVALID_PARAMETER);
}
//
// 3. DestMax shall not equal zero.
//
SAFE_STRING_CONSTRAINT_CHECK ((DestMax != 0), RETURN_INVALID_PARAMETER);
//
// 4. DestMax shall be greater than StrnLenS (Source, DestMax).
//
SourceLen = StrnLenS (Source, DestMax);
SAFE_STRING_CONSTRAINT_CHECK ((DestMax > SourceLen), RETURN_BUFFER_TOO_SMALL);
//
// 5. Copying shall not take place between objects that overlap.
//
SAFE_STRING_CONSTRAINT_CHECK (!InternalSafeStringIsOverlap (Destination, DestMax, (VOID *)Source, (SourceLen + 1) * sizeof(CHAR16)), RETURN_ACCESS_DENIED);
//
// convert string
//
while (*Source != '\0') {
//
// If any Unicode characters in Source contain
// non-zero value in the upper 8 bits, then ASSERT().
//
ASSERT (*Source < 0x100);
*(Destination++) = (CHAR8) *(Source++);
}
*Destination = '\0';
return RETURN_SUCCESS;
}
/**
Convert one Null-terminated ASCII string to a Null-terminated
Unicode string.
This function is similar to StrCpyS.
This function converts the contents of the ASCII string Source to the Unicode
string Destination. The function terminates the Unicode string Destination by
appending a Null-terminator character at the end.
The caller is responsible to make sure Destination points to a buffer with size
equal or greater than ((AsciiStrLen (Source) + 1) * sizeof (CHAR16)) in bytes.
If Destination is not aligned on a 16-bit boundary, then ASSERT().
If an error would be returned, then the function will also ASSERT().
If an error is returned, then the Destination is unmodified.
@param Source The pointer to a Null-terminated ASCII string.
@param Destination The pointer to a Null-terminated Unicode string.
@param DestMax The maximum number of Destination Unicode
char, including terminating null char.
@retval RETURN_SUCCESS String is converted.
@retval RETURN_BUFFER_TOO_SMALL If DestMax is NOT greater than StrLen(Source).
@retval RETURN_INVALID_PARAMETER If Destination is NULL.
If Source is NULL.
If PcdMaximumUnicodeStringLength is not zero,
and DestMax is greater than
PcdMaximumUnicodeStringLength.
If PcdMaximumAsciiStringLength is not zero,
and DestMax is greater than
PcdMaximumAsciiStringLength.
If DestMax is 0.
@retval RETURN_ACCESS_DENIED If Source and Destination overlap.
**/
RETURN_STATUS
EFIAPI
AsciiStrToUnicodeStrS (
IN CONST CHAR8 *Source,
OUT CHAR16 *Destination,
IN UINTN DestMax
)
{
UINTN SourceLen;
ASSERT (((UINTN) Destination & BIT0) == 0);
//
// 1. Neither Destination nor Source shall be a null pointer.
//
SAFE_STRING_CONSTRAINT_CHECK ((Destination != NULL), RETURN_INVALID_PARAMETER);
SAFE_STRING_CONSTRAINT_CHECK ((Source != NULL), RETURN_INVALID_PARAMETER);
//
// 2. DestMax shall not be greater than RSIZE_MAX or ASCII_RSIZE_MAX.
//
if (RSIZE_MAX != 0) {
SAFE_STRING_CONSTRAINT_CHECK ((DestMax <= RSIZE_MAX), RETURN_INVALID_PARAMETER);
}
if (ASCII_RSIZE_MAX != 0) {
SAFE_STRING_CONSTRAINT_CHECK ((DestMax <= ASCII_RSIZE_MAX), RETURN_INVALID_PARAMETER);
}
//
// 3. DestMax shall not equal zero.
//
SAFE_STRING_CONSTRAINT_CHECK ((DestMax != 0), RETURN_INVALID_PARAMETER);
//
// 4. DestMax shall be greater than AsciiStrnLenS(Source, DestMax).
//
SourceLen = AsciiStrnLenS (Source, DestMax);
SAFE_STRING_CONSTRAINT_CHECK ((DestMax > SourceLen), RETURN_BUFFER_TOO_SMALL);
//
// 5. Copying shall not take place between objects that overlap.
//
SAFE_STRING_CONSTRAINT_CHECK (!InternalSafeStringIsOverlap (Destination, DestMax * sizeof(CHAR16), (VOID *)Source, SourceLen + 1), RETURN_ACCESS_DENIED);
//
// Convert string
//
while (*Source != '\0') {
*(Destination++) = (CHAR16)*(Source++);
}
*Destination = '\0';
return RETURN_SUCCESS;
}