riscv-gnu-toolchain/qemu/roms/edk2.git - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Sebastian Witt <sebastian.witt@siemens.com>	2024-06-04 13:10:13 +0200
committer	mergify[bot] <37929162+mergify[bot]@users.noreply.github.com>	2024-06-07 13:23:04 +0000
commit	df8c61e4c071d1c6ab04e3ebeeb07cf97fc893e0 (patch)
tree	16a7c863f5ab1aff1f1995d0fdbbfecc5eb8a3d7 /.mergify
parent	8c826be35c736f4b718c8f927853aa957a1973d8 (diff)
download	edk2-df8c61e4c071d1c6ab04e3ebeeb07cf97fc893e0.zip edk2-df8c61e4c071d1c6ab04e3ebeeb07cf97fc893e0.tar.gz edk2-df8c61e4c071d1c6ab04e3ebeeb07cf97fc893e0.tar.bz2

CryptoPkg: Fix BaseCryptLib CrtWrapper strcpy

strcpy fails when strSource is closer than 4096 bytes after strDest. This is caused by an overlap check in AsciiStrCpyS: // // 5. Copying shall not take place between objects that overlap. // SAFE_STRING_CONSTRAINT_CHECK (InternalSafeStringNoAsciiStrOverlap (Destination, DestMax, (CHAR8 *)Source, SourceLen + 1), RETURN_ACCESS_DENIED); Since DestMax is MAX_STRING_SIZE (0x1000) and with a Source that is in this area behind Destination, AsciiStrCpyS will fail and strcpy will do nothing. When called by CRYPTO_strdup in openssl this leads to uninitialzed memory that gets accessed instead of the copied string. BZ: https://bugzilla.tianocore.org/show_bug.cgi?id=2817 Signed-off-by: Sebastian Witt <sebastian.witt@siemens.com>

Diffstat (limited to '.mergify')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: