tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/MdePkg/Library/BaseLib
History
Hao Wu 9fdf31789a MdePkg/BaseLib: Avoid reading content beyond string boundary 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=705

As mentioned in the above Bugzilla link by Steven, within the function
PathCleanUpDirectories(), when executing command:
"cd ."

under Shell, the input parameter 'Path' string will have string length
less than 2. Hence, it is possible for the below statement:
"if (StrCmp (Path + StrLen (Path) - 2, L"\\.") == 0) {"

to read contents before the string boundary.

This commit adds additional checks to avoid this.

Cc: Steven Shi <steven.shi@intel.com>
Cc: Michael Kinney <michael.d.kinney@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
 		2017-09-21 14:06:28 +08:00
..
AArch64 MdePkg/BaseLib AARCH64: terminate stack frame list on stack switch 2016-09-09 13:46:52 +01:00
Arm MdePkg: fix ARM version of InternalMathSwapBytes64 () 2015-03-27 17:27:14 +00:00
Ebc
Ia32 MdePkg/BaseLib: Add one wrapper on RdRand access for parameter check. 2016-11-16 16:49:10 +08:00
Ipf
X64 MdePkg/BaseLib: Add one wrapper on RdRand access for parameter check. 2016-11-16 16:49:10 +08:00
ARShiftU64.c
BaseLib.inf MdePkg/BaseLib: Add one wrapper on RdRand access for parameter check. 2016-11-16 16:49:10 +08:00
BaseLib.uni MdePkg: Convert all .uni files to utf-8 2015-12-15 04:53:50 +00:00
BaseLibInternals.h MdePkg/BaseLib: Add IsNodeInList() function. 2017-08-16 16:55:30 +08:00
BitField.c
CheckSum.c
ChkStkGcc.c
Cpu.c
CpuDeadLoop.c
DivS64x64Remainder.c
DivU64x32.c
DivU64x32Remainder.c
DivU64x64Remainder.c
FilePaths.c MdePkg/BaseLib: Avoid reading content beyond string boundary 2017-09-21 14:06:28 +08:00
GetPowerOfTwo32.c
GetPowerOfTwo64.c
HighBitSet32.c
HighBitSet64.c
LRotU32.c
LRotU64.c
LShiftU64.c
LinkedList.c MdePkg/BaseLib: Update internal LinkedList verifications. 2017-08-16 16:55:32 +08:00
LongJump.c
LowBitSet32.c
LowBitSet64.c
Math64.c MdePkg/BaseLib: do not rely on undefined behavior in arithmetic shift 2015-12-31 10:47:22 +00:00
ModU64x32.c
MultS64x64.c
MultU64x32.c
MultU64x64.c
RRotU32.c
RRotU64.c
RShiftU64.c
SafeString.c MdePkg: Convert files to CRLF line ending 2017-04-06 15:43:27 +08:00
SetJump.c
String.c MdePkg: Refine casting expression result to bigger size 2017-03-06 14:18:45 +08:00
SwapBytes16.c
SwapBytes32.c
SwapBytes64.c
SwitchStack.c
Unaligned.c
X86DisablePaging32.c
X86DisablePaging64.c
X86EnablePaging32.c
X86EnablePaging64.c
X86FxRestore.c
X86FxSave.c
X86GetInterruptState.c
X86MemoryFence.c
X86Msr.c
X86RdRand.c MdePkg/BaseLib: Add one wrapper on RdRand access for parameter check. 2016-11-16 16:49:10 +08:00
X86ReadGdtr.c
X86ReadIdtr.c
X86Thunk.c
X86WriteGdtr.c
X86WriteIdtr.c