REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1652
Commit ffe5f7a6b4
"MdeModulePkg/HiiDatabase: Fix potential integer overflow "
added some new error paths, but it missed releasing the
mHiiDatabaseLock lock on those paths.
This patch releases mHiiDatabaseLock on those paths.
Cc: Hao Wu <hao.a.wu@intel.com>
Cc: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
(cherry picked from commit 927c516f9557f2f36319fe5d2508af29e3375fb8)
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1135
For 4bit BMP, there are only 2^4 = 16 colors in the palette.
But when a corrupted BMP contains more than 16 colors in the palette,
today's implementation wrongly copies all colors to the local
PaletteValue[16] array which causes stack overflow.
The similar issue also exists in the logic to handle 8bit BMP.
The patch fixes the issue by only copies the first 16 or 256 colors
in the palette depending on the BMP type.
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Ray Ni <ray.ni@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Jiewen Yao <jiewen.yao@intel.com>
Reviewed-by: Jian J Wang <jian.j.wang@intel.com>
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=1235
When update contents in HiiDatabase, like:
1. Add/update/remove package list
2. Add/update string
3. Add/update image
We should make these operations atomic to prevent the
potential issue that the one update operation with
higher TPL may interrupt another.
This commit is to make the HiiDatabase update behaviors
atomic by adding EfiAcquireLock/EfiReleaseLock function.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
1. Do not use tab characters
2. No trailing white space in one line
3. All files must end with CRLF
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Star Zeng <star.zeng@intel.com>
An example:
The codes in function Output8bitPixel in Image.c:
OffsetY = BITMAP_LEN_8_BIT ((UINT32) Image->Width, Ypos);
Both Image->Width and Ypos are of type UINT16. They will be promoted to
int (signed) first, and then perform the multiplication defined by macro
BITMAP_LEN_8_BIT. If the result of multiplication between Image->Width and
Ypos exceeds the range of type int, a potential incorrect results
will be assigned to OffsetY.
This commit adds explicit UINT32 type cast for 'Image->Width' to avoid
possible overflow in the int range. And also fix similar issues in
HiiDatabase.
Cc: Eric Dong <eric.dong@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Cc: Hao Wu <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Hao Wu <hao.a.wu@intel.com>
For pointer subtraction, the result is of type "ptrdiff_t". According to
the C11 standard (Committee Draft - April 12, 2011):
"When two pointers are subtracted, both shall point to elements of the
same array object, or one past the last element of the array object; the
result is the difference of the subscripts of the two array elements. The
size of the result is implementation-defined, and its type (a signed
integer type) is ptrdiff_t defined in the <stddef.h> header. If the result
is not representable in an object of that type, the behavior is
undefined."
In our codes, there are cases that the pointer subtraction is not
performed by pointers to elements of the same array object. This might
lead to potential issues, since the behavior is undefined according to C11
standard.
Also, since the size of type "ptrdiff_t" is implementation-defined. Some
static code checkers may warn that the pointer subtraction might underflow
first and then being cast to a bigger size. For example:
UINT8 *Ptr1, *Ptr2;
UINTN PtrDiff;
...
PtrDiff = (UINTN) (Ptr1 - Ptr2);
The commit will refine the pointer subtraction expressions by casting each
pointer to UINTN first and then perform the subtraction:
PtrDiff = (UINTN) Ptr1 - (UINTN) Ptr2;
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Acked-by: Laszlo Ersek <lersek@redhat.com>
Reviewed-by: Feng Tian <feng.tian@intel.com>
According to UEFI spec, NewImageEx()/SetImageEx()/DrawImageEx()
implicitly call the non-Ex version interface
of HiiImage protocol.
GetImageEx()/DrawImageIdEx() are the enhanced version of
GetImage()/DrawImageId(), which can support decoding JPEG/PNG
through the help of HiiImageDecoder protocol.
Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
1. Update GetImageIdOrAddress() to recognize PNG/JPEG image block.
A offset calculation bug was fixed.
2. Update HiiGetImage() comments to say PNG/JPEG support is provided
by HiiImageEx
3. Update HiiSetImage() to support replacing a PNG/JPEG image block
with a new image
Contributed-under: TianoCore Contribution Agreement 1.0
Reviewed-by: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Dandan Bi <dandan.bi@intel.com>
Signed-off-by: Ruiyu Ni <ruiyu.ni@intel.com>
This feature is aimed to allow OS make use of the HII database
during runtime. In this case, the contents of the HII Database
is exported to a buffer. The pointer to the buffer is placed
in the EFI System Configuration Table, where it can be retrieved
by an OS application.
Cc: Liming Gao <liming.gao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Brian J. Johnson <bjohnson@sgi.com>
Cc: Andrew Fish <afish@apple.com>
Cc: El-Haj-Mahmoud Samer <samer.el-haj-mahmoud@hpe.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
EDK1145 Cursor mising in shell in some case
EDK1099: Dell - [HII] HiiGetFontInfo() not retrieve the system font by FoFontInfoMask
EDK1127: [UEFI 2.10] Keyboard layout support
EDK1129: [UEFI HII] GUID is represented wrongly in Config String
And some other fixes such as
*[UEFI HII] HiiGetAltCfg is generating "Name=" sub string in the wrong format
*UEFI HII: GetUnicodeStringTextOrSize() doesn't handle NULL StringDest properly
*GetFontInfo() need be updated to avoid iteration
*HIIStringProtocolTest failed on multiple platform
*[Uefi 2.1] Comply with latest Hii ECR
* GetFontInfo() need be updated to avoid iteration
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@5361 6f19259b-4bc3-4df7-8a09-765794883524
Dandan Bi
Michael D Kinney
Ray Ni
Liming Gao
Hao Wu
Ruiyu Ni
Eric Dong
Feng Tian
erictian
hhtian
vanjeff
qwang12
qhuang8