mirror of https://github.com/acidanthera/audk.git
f76bc44362
An example: The codes in function Output8bitPixel in Image.c: OffsetY = BITMAP_LEN_8_BIT ((UINT32) Image->Width, Ypos); Both Image->Width and Ypos are of type UINT16. They will be promoted to int (signed) first, and then perform the multiplication defined by macro BITMAP_LEN_8_BIT. If the result of multiplication between Image->Width and Ypos exceeds the range of type int, a potential incorrect results will be assigned to OffsetY. This commit adds explicit UINT32 type cast for 'Image->Width' to avoid possible overflow in the int range. And also fix similar issues in HiiDatabase. Cc: Eric Dong <eric.dong@intel.com> Cc: Liming Gao <liming.gao@intel.com> Cc: Hao Wu <hao.a.wu@intel.com> Contributed-under: TianoCore Contribution Agreement 1.0 Signed-off-by: Dandan Bi <dandan.bi@intel.com> Reviewed-by: Hao Wu <hao.a.wu@intel.com> |
||
|---|---|---|
| .. | ||
| ConfigKeywordHandler.c | ||
| ConfigRouting.c | ||
| Database.c | ||
| Font.c | ||
| HiiDatabase.h | ||
| HiiDatabase.uni | ||
| HiiDatabaseDxe.inf | ||
| HiiDatabaseEntry.c | ||
| HiiDatabaseExtra.uni | ||
| Image.c | ||
| ImageEx.c | ||
| String.c | ||