Use PcdSpeculationBarrierType in the x86 implementation
of SpeculationBarrier() to select between AsmLfence(),
AsmCpuid(), and no operation.
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Brian J. Johnson <brian.johnson@hpe.com>
As Intel tool chain will be removed, support of INTEL tool chain
should be removed first.
https://bugzilla.tianocore.org/show_bug.cgi?id=1666
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
(cherry picked from commit dd611bfeaac249cebb6c12ffdcbbf510f8ed1980)
MdePkg BaseLib still uses the inline X86 assembly code
in C code files.For now, inline SetJump/LongJump() can be removed.
https://bugzilla.tianocore.org/show_bug.cgi?id=1163
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
.nasm file has been added for X86 arch. .S assembly code
is not required any more.
https://bugzilla.tianocore.org/show_bug.cgi?id=1594
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1521
This patch adds SSP - shadow stack pointer to JumpBuffer.
It will be used for the platform that enabled CET/ShadowStack.
We add gEfiMdePkgTokenSpaceGuid.PcdControlFlowEnforcementPropertyMask
to control the global enable/disable.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Yao Jiewen <jiewen.yao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
Change the type of variable Chr from CHAR8 to UINT32 in a
bitwise operation, to make the two variables in the operation
have the same size.
https://bugzilla.tianocore.org/show_bug.cgi?id=1527
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Replace the dummy C implementation of SpeculationBarrier() with
implementations consisting of the recommended DSB SY + ISB sequence,
as recommended by ARM in the whitepaper "Cache Speculation Side-channels"
version 2.4, dated October 2018.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Leif Lindholm <leif.lindholm@linaro.org>
Introduce public functions Base64Encode and Base64Decode.
https://bugzilla.tianocore.org/show_bug.cgi?id=1370
v2:1.Remove some white space.
2.Add unit test with test vectors in RFC 4648.
https://github.com/shenglei10/edk2/tree/encode_testhttps://github.com/shenglei10/edk2/tree/decode_test
v3:1.Align white space.
2.Update comments of Base64Encode and Base64Decode.
3.Change the use of macro RETURN_DEVICE_ERROR to
RETURN_INVALID_PARAMETER in string.c.
v4:Change parameters' names.
v5:1.Update usage of variables.
2.Remove debug message in Base64Decode().
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
InternalCharToUpper and InternalBaseLibAsciiToUpper are internal functions
and now we will introduce public functions that have the same effects.
So I remove their definitions in BaseLibInternals.h.
https://bugzilla.tianocore.org/show_bug.cgi?id=1369
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
Introduce two public functions CharToUpper and AsciiCharToUpper.
They have the same functions as InternalCharToUpper and
InternalBaseLibAsciiToUpper.Considering the internal functions will
be removed,so directly I change their function names to the public ones'.
https://bugzilla.tianocore.org/show_bug.cgi?id=1369
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Shenglei Zhang <shenglei.zhang@intel.com>
Reviewed-by: Ray Ni <ray.ni@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1417
X86 specific BaseLib API AsmLfence() was introduced to address the Spectre
Variant 1 (CVE-2017-5753) issue. The purpose of this API is to insert
barriers to stop speculative execution. However, the API is highly
architecture (X86) specific, and thus should be avoided using across
generic code.
To address this issue, this patch will add a new BaseLib API called
SpeculationBarrier(). Different architectures will have different
implementations for this API.
For IA32 and x64, the implementation of SpeculationBarrier() will
directly call AsmLfence().
For ARM and AARCH64, this patch will add a temporary empty implementation
as a placeholder. We hope experts in ARM can help to contribute the actual
implementation.
For EBC, similar to the ARM and AARCH64 cases, a temporary empty
implementation is added.
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Replace multiple, consecutive "\" characters prior to other processing
involving "\" characters. This fixes an issue where "\\..\\..",
"//..//..", and similar input paths are not cleaned properly.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jim Dailey <jim_dailey@dell.com>
Reviewed-by: Ruiyu Ni <Ruiyu.ni@Intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1262
Current implementation of BaseLib APIs:
AsciiStrToUnicodeStr()
AsciiStrToUnicodeStrS()
AsciiStrnToUnicodeStrS()
do not handle EASCII properly.
More specifically, if the value of ASCII character is larger than 0x7F,
then the converted Unicode character will have all '1's in the higher 8
bits.
An example:
0xC9 => 0xFFC9 (current implementations)
and it should be:
0xC9 => 0x00C9
This commit will address this issue.
Cc: Bin.Lain <bin_601@mail2000.com.tw>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
MdePkg-BaseLib: Fix PathCleanUpDirectories() error involving "\..\.."
The loop that removes "xxxx\..\" errs when multiple "\.." sequences are
in the path. Before this change the code would modify a path like
"FS0:\efi\tools\..\.." to "FS0:\efi\\.." and then to "FS0:\efi\", but
the correct path is "FS0:\".
You can test the effect of this change in the shell by setting the
current directory to something like FS0:\efi\boot and then executing
the command "ls ..\..". Before the change you will see the files in
the FS0:\efi directory; after the change, you will see the files in
the root directory of FS0:.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jim Dailey <jim_dailey@dell.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=1193
This commit will add a new BaseLib API AsmLfence(). This API will perform
a serializing operation on all load-from-memory instructions that were
issued prior to the call of this function. Please note that this API is
only available on IA-32 and x64.
The purpose of adding this API is to mitigate of the [CVE-2017-5753]
Bounds Check Bypass issue when untrusted data are being processed within
SMM. More details can be referred at the 'Bounds check bypass mitigation'
section at the below link:
https://software.intel.com/security-software-guidance/insights/host-firmware-speculative-execution-side-channel-mitigation
Cc: Ard Biesheuvel <ard.biesheuvel@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Regression-tested-by: Laszlo Ersek <lersek@redhat.com>
The PCD below is unused, so it has been removed from inf.
gEfiMdePkgTokenSpaceGuid.PcdDebugPropertyMask
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Laszlo Ersek <lersek@redhat.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: shenglei <shenglei.zhang@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
Removing rules for Ipf sources file:
* Remove the source file which path with "ipf" and also listed in
[Sources.IPF] section of INF file.
* Remove the source file which listed in [Components.IPF] section
of DSC file and not listed in any other [Components] section.
* Remove the embedded Ipf code for MDE_CPU_IPF.
Removing rules for Inf file:
* Remove IPF from VALID_ARCHITECTURES comments.
* Remove DXE_SAL_DRIVER from LIBRARY_CLASS in [Defines] section.
* Remove the INF which only listed in [Components.IPF] section in DSC.
* Remove statements from [BuildOptions] that provide IPF specific flags.
* Remove any IPF sepcific sections.
Removing rules for Dec file:
* Remove [Includes.IPF] section from Dec.
Removing rules for Dsc file:
* Remove IPF from SUPPORTED_ARCHITECTURES in [Defines] section of DSC.
* Remove any IPF specific sections.
* Remove statements from [BuildOptions] that provide IPF specific flags.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This commit adds an addtional check in AsciiStriCmp. It
explicitly checks the end of the sting pointed by 'SecondString' to make
the code logic easier for reading and to prevent possible mis-reports by
static code checkers.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao Wu <Hao.a.wu@intel.com>
Hopefully this should tidy the conversion warnings.
----
Add 32-bit and 64-bit functions that count number of set bits in a bitfield
using a divide-and-count method.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Tomas Pilar <tpilar@solarflare.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
NASM has replaced ASM and S files.
1. Remove ASM from all modules.
2. Remove S files from the drivers only.
3. https://bugzilla.tianocore.org/show_bug.cgi?id=881
After NASM is updated, S files can be removed from Library.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
Most of the RVCT assembly can be reused as is for MSFT except
for CpuBreakpoint.asm, which we need to force to Arm mode.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Pete Batard <pete@akeo.ie>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Today's implementation of [Ascii]StrnCpyS/[Ascii]StrnCatS calls
StrnLenS () to get the length of source string but supplies the
destination buffer size as max size.
It's a bug that may cause out-of-bound memory access.
For example:
StrnCpyS (Dest[10], 10, "hello", 6)
-> StrnLenS ("hello", 10) //< cause out-of bound memory access
In a pool guard enabled environment, when using shell to edit an
existing file which contains empty line, the page fault is met.
The patch fixes the four library functions to avoid such
out-of-bound memory access.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jian J Wang <jian.j.wang@intel.com>
When compiling with any ARM toolchain and Os, registers can get
trashed when returning for the second time from SetJump because GCC
only handles this correctly when using standard names like 'setjmp' or
'getcontext'. When different names are used you have to use the
attribute 'returns_twice' to tell gcc to be extra careful.
example:
extern int FN_NAME(void*);
void jmp_buf_set(void *jmpb, void (*f)(void))
{
if (!FN_NAME(jmpb))
f();
}
this code produces this wrong code with Os:
00000000 <jmp_buf_set>:
0: e92d4010 push {r4, lr}
4: e1a04001 mov r4, r1
8: ebfffffe bl 0 <nonstandard_setjmp>
c: e3500000 cmp r0, #0
10: 01a03004 moveq r3, r4
14: 08bd4010 popeq {r4, lr}
18: 012fff13 bxeq r3
1c: e8bd4010 pop {r4, lr}
20: e12fff1e bx lr
The generated code pushes backups of r4 and lr to the stack and then
saves all registers using nonstandard_setjmp.
Then it pops the stack and jumps to the function in r3 which is the
main problem because now the function can overwrite our register
backups on the stack.
When we return a second time from the call to nonstandard_setjmp, the
stack pointer has it's original(pushed) position and when the code
pops r4 and lr from the stack the values are not guaranteed to be the
same.
When using a standard name like setjmp or getcontext or adding
'__attribute__((returns_twice))' to nonstandard_setjmp's declaration
the code looks different:
00000000 <jmp_buf_set>:
0: e92d4007 push {r0, r1, r2, lr}
4: e58d1004 str r1, [sp, #4]
8: ebfffffe bl 0 <setjmp>
c: e3500000 cmp r0, #0
10: 059d3004 ldreq r3, [sp, #4]
14: 01a0e00f moveq lr, pc
18: 012fff13 bxeq r3
1c: e28dd00c add sp, sp, #12
20: e49de004 pop {lr} ; (ldr lr, [sp], #4)
24: e12fff1e bx lr
Here the problem is being solved by restoring r3 from the stack
without popping it.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Michael Zimmermann <sigmaepsilon92@gmail.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The new definitions include two structures
IA32_TASK_STATE_SEGMENT
IA32_TSS_DESCRIPTOR
two macros
IA32_GDT_TYPE_TSS
IA32_GDT_ALIGNMENT
and one API
VOID
EFIAPI
AsmWriteTr (
IN UINT16 Selector
);
They're needed to setup task gate and interrupt stack table for stack switch.
Cc: Michael D Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Suggested-by: Ayellet Wolman <ayellet.wolman@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Jian J Wang <jian.j.wang@intel.com>
Reviewed-by: Jeff Fan <vanjeff_919@hotmail.com>
Reviewed-by: Jiewen.yao@intel.com
V2:
Fix MSFT C4255 warning
V1:
Enable MSFT C4255 warning.
From MSDN:
Compiler Warning (level 4) C4255
function' : no function prototype given: converting '()' to '(void)'
The compiler did not find an explicit list of arguments to a function.
This warning is for the C compiler only.
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Bell Song <binx.song@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
CalculateCrc32() bases on the initialized mCrcTable. When CalculateCrc32()
is used, mCrcTable will take 1KB size in the image. When CalculateCrc32()
is not used, mCrcTable will not be built in the image, and no size impact.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=705
As mentioned in the above Bugzilla link by Steven, within the function
PathCleanUpDirectories(), when executing command:
"cd ."
under Shell, the input parameter 'Path' string will have string length
less than 2. Hence, it is possible for the below statement:
"if (StrCmp (Path + StrLen (Path) - 2, L"\\.") == 0) {"
to read contents before the string boundary.
This commit adds additional checks to avoid this.
Cc: Steven Shi <steven.shi@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
1) Replace InternalBaseLibIsNodeInList() with
InternalBaseLibIsListValid().
- The verification whether Node is within the doubly-linked List
is now done by IsNodeInList().
- Whether the list is valid is returned.
2) The comments within InsertHeadList() and InsertTailList() stated
that it is checked whether Entry is not part of the doubly-linked
list. This was not done as argument 3 of
InternalBaseLibIsNodeInList() indicated whether the check is done,
not whether to check if the node is or is not in the list. This
has been fixed by using IsNodeInList() for the ASSERTs.
V2:
- Fix IsListEmpty() to ASSERT when the passed list is invalid.
- Introduce the VERIFY_IS_NODE_IN_LIST() macro to only verify whether the
passed node is part of the list when PcdVerifyNodeInList is TRUE.
V3:
- Introduce the ASSERT_VERIFY_NODE_IN_VALID_LIST() macro which,
depending on the value of PcdVerifyNodeInList, verifies whether
SecondEntry is or is not part of the same doubly-linked list as
FirstEntry and unconditionally verifies whether the doubly-linked
list FirstEntry is part of is valid. This prevents
InternalBaseLibIsListValid() from being called twice when a
function ASSERTs via the result of IsNodeInList(), as it calls
InternalBaseLibIsListValid() already.
- Remove the VERIFY_IS_NODE_IN_LIST() macro in favor of
ASSERT_VERIFY_NODE_IN_VALID_LIST().
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
This patch adds IsNodeInList() to BaseLib, which verifies the given
Node is part of the doubly-linked List provided.
V2:
- Rename "List" to "FirstEntry" and "Node" to "SecondEntry" to clarify that
"FirstEntry" does not need to be the doubly-linked list's head node.
V3:
- Remove ASSERTs from IsNodeInList() which are present in
InternalBaseLibIsListValid().
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Marvin Haeuser <Marvin.Haeuser@outlook.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
The change doesn't impact the functionality.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Hao A Wu <hao.a.wu@intel.com>
There are cases that the operands of an expression are all with rank less
than UINT64/INT64 and the result of the expression is explicitly cast to
UINT64/INT64 to fit the target size.
An example will be:
UINT32 a,b;
// a and b can be any unsigned int type with rank less than UINT64, like
// UINT8, UINT16, etc.
UINT64 c;
c = (UINT64) (a + b);
Some static code checkers may warn that the expression result might
overflow within the rank of "int" (integer promotions) and the result is
then cast to a bigger size.
The commit refines codes by the following rules:
1). When the expression is possible to overflow the range of unsigned int/
int:
c = (UINT64)a + b;
2). When the expression will not overflow within the rank of "int", remove
the explicit type casts:
c = a + b;
3). When the expression will be cast to pointer of possible greater size:
UINT32 a,b;
VOID *c;
c = (VOID *)(UINTN)(a + b); --> c = (VOID *)((UINTN)a + b);
4). When one side of a comparison expression contains only operands with
rank less than UINT32:
UINT8 a;
UINT16 b;
UINTN c;
if ((UINTN)(a + b) > c) {...} --> if (((UINT32)a + b) > c) {...}
For rule 4), if we remove the 'UINTN' type cast like:
if (a + b > c) {...}
The VS compiler will complain with warning C4018 (signed/unsigned
mismatch, level 3 warning) due to promoting 'a + b' to type 'int'.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Laszlo Ersek <lersek@redhat.com>
The patch adds 4 APIs to convert ASCII string to GUID, bytes
buffer, IP v4 address and IP v6 address.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
The patch adds 4 APIs to convert Unicode string to GUID, bytes
buffer, IP v4 address and IP v6 address.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Siyuan Fu <siyuan.fu@intel.com>
Add the following 2 APIs:
UnicodeStrnToAsciiStrS
AsciiStrnToUnicodeStrS
These APIs are used to enhance APIs UnicodeStrToAsciiStrS and
AsciiStrToUnicodeStrS (without 'n' in names) by:
1. Adds an input parameter 'Length' to specify the maximum number of
Ascii/Unicode characters to convert.
2. Adds an output parameter 'DestinationLength' to indicate the number of
Ascii/Unicode characters successfully converted.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
For the following 8 APIs in MdePkg/BaseLib:
[Ascii]StrDecimalToUintn
[Ascii]StrDecimalToUint64
[Ascii]StrHexToUintn
[Ascii]StrHexToUint64
They will ASSERT for DEBUG build when the input string exceeds the range
of UINTN/UINT64. However, for RELEASE build, incorrect value will be
returned.
This commit refines those APIs to direcly call their enhanced counterparts
(with trailing 'S' in API names) so as to remove those exceed-range ASSERT
checks and to make those APIs to return MAX_UINTN/MAX_UINT64 instead.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Add the following 8 APIs:
[Ascii]StrDecimalToUintnS
[Ascii]StrDecimalToUint64S
[Ascii]StrHexToUintnS
[Ascii]StrHexToUint64S
These safe version APIs are used to enhance their counterpart (APIs
without trailing 'S' in function names).
These safe version APIs perform checks to the input string and will return
relative status to reflect the check result:
When the input string exceeds the range of UINTN/64, these APIs will
return RETURN_UNSUPPORTED and store MAX_UINTN/64 in the output data.
When no conversion can be performed for the input string, these APIs will
return RETURN_SUCCESS and store 0 in the output data.
The optional parameter 'EndPointer', if provided, will point to the
character that stopped the scan.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Add StrnSizeS() and AsciiStrnSizeS() APIs.
These 2 safe version APIs are used to replace StrSize() and
AsciiStrSize(). Those two APIs use similar checks as [Ascii]StrnLenS().
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
The old code incorrectly cleans path like "fs0:\abc\.\.." to
"fs0:\abc", instead of "fs0:\"
The patch fixes this bug.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Chen A Chen <chen.a.chen@intel.com>
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
This commit adds an addtional check in AsciiStrnCmp and StrnCmp. It
explicitly checks the end of the sting pointed by 'SecondString' to make
the code logic easier for reading and to prevent possible mis-reports by
static code checkers.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Michael Kinney <michael.d.kinney@intel.com>
This commit refines the logic for AsciiStrnLenS and StrnLenS. It makes the
logic more straightforward to prevent possible mis-reports by static code
checkers.
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
https://bugzilla.tianocore.org/show_bug.cgi?id=239
When the input path for API PathRemoveLastItem() is a root path like
'fs0:\', the API will return TRUE (indicating a directory or file was
removed from the path) and modifies the path to 'fs0:'. In fact, there's
no directory or file removed in the above case.
This commit adds additional check to resolve this issue and modifies the
API's description to make it more straightforward.
Cc: Ruiyu Ni <ruiyu.ni@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
Michael D Kinney
Shenglei Zhang
Yao, Jiewen
Ard Biesheuvel
Mike Turner
Hao Wu
Jim.Dailey@dell.com
Chen A Chen
Ruiyu Ni
Tomas Pilar (tpilar)
Liming Gao
Laszlo Ersek
Pete Batard
M1cha
Jian J Wang
Song, BinX
Marvin.Haeuser@outlook.com
Qin Long