mirror of https://github.com/acidanthera/audk.git
f76bc44362
An example: The codes in function Output8bitPixel in Image.c: OffsetY = BITMAP_LEN_8_BIT ((UINT32) Image->Width, Ypos); Both Image->Width and Ypos are of type UINT16. They will be promoted to int (signed) first, and then perform the multiplication defined by macro BITMAP_LEN_8_BIT. If the result of multiplication between Image->Width and Ypos exceeds the range of type int, a potential incorrect results will be assigned to OffsetY. This commit adds explicit UINT32 type cast for 'Image->Width' to avoid possible overflow in the int range. And also fix similar issues in HiiDatabase. Cc: Eric Dong <eric.dong@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Hao Wu <hao.a.wu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Hao Wu <hao.a.wu@intel.com> |
||
|---|---|---|
| .. | ||
| Application | ||
| Bus | ||
| Core | ||
| Include | ||
| Library | ||
| Logo | ||
| Universal | ||
| Contributions.txt | ||
| License.txt | ||
| MdeModulePkg.dec | ||
| MdeModulePkg.dsc | ||
| MdeModulePkg.uni | ||
| MdeModulePkgExtra.uni | ||