tyler.durden
/
audk
mirror of https://github.com/acidanthera/audk.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
audk/ShellPkg/Application
History
Hao Wu 8c3e4688e0 ShellPkg/Shell: Avoid reading content beyond string boundary 
REF: https://bugzilla.tianocore.org/show_bug.cgi?id=690

Within function EfiShellGetDevicePathFromFilePath(), when the input
parameter 'Path' string is like:
"FS0:"

It is possible for the below statement:
"if (*(Path+StrLen(MapName)+1) == CHAR_NULL) {"

to read the content 1 byte beyond the string boundary (both 'Path' and
'MapName' will be FS0: in this case).

This commit adds additional checks to avoid this.

Cc: Steven Shi <steven.shi@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Jaben Carsey <jaben.carsey@intel.com>
Reviewed-by: Ruiyu Ni <ruiyu.ni@intel.com>
 		2017-09-21 14:06:06 +08:00
..
Shell ShellPkg/Shell: Avoid reading content beyond string boundary 2017-09-21 14:06:06 +08:00
ShellCTestApp ShellPkg: Add a simple case to test shell parameter parsing logic 2015-09-29 06:35:33 +00:00
ShellExecTestApp Update inf file to follow spec. 2011-03-30 03:40:42 +00:00
ShellSortTestApp MdeModulePkg, MdePkg, NetworkPkg, OvmfPkg, PerformancePkg, ShellPkg: Library Migration. 2015-01-13 01:04:07 +00:00