diff options
| author | Hao Wu <hao.a.wu@intel.com> | 2016-09-27 13:28:33 +0800 |
|---|---|---|
| committer | Hao Wu <hao.a.wu@intel.com> | 2016-11-08 16:37:01 +0800 |
| commit | b3520abde896e5e3f251054092f084580bfcdc37 (patch) | |
| tree | 48a8ffc0ff2cefbbecfb084e37c1254b03e74f1a /BaseTools | |
| parent | f45b5a760530752bd6ea8125416cb6620a375468 (diff) | |
| download | edk2-b3520abde896e5e3f251054092f084580bfcdc37.zip edk2-b3520abde896e5e3f251054092f084580bfcdc37.tar.gz edk2-b3520abde896e5e3f251054092f084580bfcdc37.tar.bz2 | |
BaseTools/C/Common: Add checks for array access
Cc: Liming Gao <liming.gao@intel.com>
Cc: Yonghong Zhu <yonghong.zhu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a.wu@intel.com>
Reviewed-by: Liming Gao <liming.gao@intel.com>
Diffstat (limited to 'BaseTools')
| -rw-r--r-- | BaseTools/Source/C/Common/CommonLib.c | 8 | ||||
| -rw-r--r-- | BaseTools/Source/C/Common/Decompress.c | 7 |
2 files changed, 11 insertions, 4 deletions
diff --git a/BaseTools/Source/C/Common/CommonLib.c b/BaseTools/Source/C/Common/CommonLib.c index 2d07dfc..2f0aecf 100644 --- a/BaseTools/Source/C/Common/CommonLib.c +++ b/BaseTools/Source/C/Common/CommonLib.c @@ -1,7 +1,7 @@ /** @file
Common basic Library Functions
-Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -652,7 +652,11 @@ Returns: //
// Construct the full file path
//
- strcat (mCommonLibFullPath, FileName);
+ if (strlen (mCommonLibFullPath) + strlen (FileName) > MAX_LONG_FILE_PATH - 1) {
+ Error (NULL, 0, 2000, "Invalid parameter", "FileName %s is too long!", FileName);
+ return NULL;
+ }
+ strncat (mCommonLibFullPath, FileName, MAX_LONG_FILE_PATH - strlen (mCommonLibFullPath) - 1);
//
// Convert directory separator '/' to '\\'
diff --git a/BaseTools/Source/C/Common/Decompress.c b/BaseTools/Source/C/Common/Decompress.c index d266b6f..77df89f 100644 --- a/BaseTools/Source/C/Common/Decompress.c +++ b/BaseTools/Source/C/Common/Decompress.c @@ -2,7 +2,7 @@ Decompressor. Algorithm Ported from OPSD code (Decomp.asm) for Efi and Tiano
compress algorithm.
-Copyright (c) 2004 - 2014, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2004 - 2016, Intel Corporation. All rights reserved.<BR>
This program and the accompanying materials
are licensed and made available under the terms and conditions of the BSD License
which accompanies this distribution. The full text of the license may be found at
@@ -15,6 +15,7 @@ WITHOUT WARRANTIES OR REPRESENTATIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED. #include <stdlib.h>
#include <string.h>
+#include <assert.h>
#include "Decompress.h"
//
@@ -240,7 +241,7 @@ Returns: for (Char = 0; Char < NumOfChar; Char++) {
Len = BitLen[Char];
- if (Len == 0) {
+ if (Len == 0 || Len >= 17) {
continue;
}
@@ -373,6 +374,8 @@ Returns: UINT16 Index;
UINT32 Mask;
+ assert (nn <= NPT);
+
Number = (UINT16) GetBits (Sd, nbit);
if (Number == 0) {
|