From 2cdcc05ce80d9e17095c64a60defd57c73d61158 Mon Sep 17 00:00:00 2001 From: vanjeff Date: Mon, 18 Apr 2011 08:43:36 +0000 Subject: sync patch r10781, r10793, r10797, r10799 from main trunk. Add security check to make code run safe. git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/branches/UDK2010@11548 6f19259b-4bc3-4df7-8a09-765794883524 --- MdePkg/Include/Base.h | 2 +- MdePkg/Library/BaseLib/GetPowerOfTwo64.c | 4 +- MdePkg/Library/BaseLib/Ia32/DivS64x64Remainder.c | 6 +-- MdePkg/Library/BaseLib/MultS64x64.c | 2 +- MdePkg/Library/BaseLib/String.c | 51 ++++------------------ .../BaseSynchronizationLib/SynchronizationMsc.c | 4 +- MdePkg/Library/PeiHobLib/HobLib.c | 18 ++++---- MdePkg/Library/UefiUsbLib/Hid.c | 2 +- 8 files changed, 27 insertions(+), 62 deletions(-) diff --git a/MdePkg/Include/Base.h b/MdePkg/Include/Base.h index a2d275223c..59ffdfbbff 100644 --- a/MdePkg/Include/Base.h +++ b/MdePkg/Include/Base.h @@ -494,7 +494,7 @@ typedef CHAR8 *VA_LIST; @return A pointer to the beginning of a variable argument list. **/ -#define VA_START(Marker, Parameter) (Marker = (VA_LIST) & (Parameter) + _INT_SIZE_OF (Parameter)) +#define VA_START(Marker, Parameter) (Marker = (VA_LIST) ((UINTN) & (Parameter) + _INT_SIZE_OF (Parameter))) /** Returns an argument of a specified type from a variable argument list and updates diff --git a/MdePkg/Library/BaseLib/GetPowerOfTwo64.c b/MdePkg/Library/BaseLib/GetPowerOfTwo64.c index ae85b91180..fb79a634a5 100644 --- a/MdePkg/Library/BaseLib/GetPowerOfTwo64.c +++ b/MdePkg/Library/BaseLib/GetPowerOfTwo64.c @@ -1,7 +1,7 @@ /** @file Math worker functions. - Copyright (c) 2006 - 2008, Intel Corporation
+ Copyright (c) 2006 - 2010, Intel Corporation
All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -40,5 +40,5 @@ GetPowerOfTwo64 ( return 0; } - return LShiftU64 (1, HighBitSet64 (Operand)); + return LShiftU64 (1, (UINTN) HighBitSet64 (Operand)); } diff --git a/MdePkg/Library/BaseLib/Ia32/DivS64x64Remainder.c b/MdePkg/Library/BaseLib/Ia32/DivS64x64Remainder.c index c5e894f287..2f8a9a4fcc 100644 --- a/MdePkg/Library/BaseLib/Ia32/DivS64x64Remainder.c +++ b/MdePkg/Library/BaseLib/Ia32/DivS64x64Remainder.c @@ -1,7 +1,7 @@ /** @file Integer division worker functions for Ia32. - Copyright (c) 2006 - 2008, Intel Corporation
+ Copyright (c) 2006 - 2010, Intel Corporation
All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -42,8 +42,8 @@ InternalMathDivRemS64x64 ( INT64 Quot; Quot = InternalMathDivRemU64x64 ( - Dividend >= 0 ? Dividend : -Dividend, - Divisor >= 0 ? Divisor : -Divisor, + (UINT64) (Dividend >= 0 ? Dividend : -Dividend), + (UINT64) (Divisor >= 0 ? Divisor : -Divisor), (UINT64 *) Remainder ); if (Remainder != NULL && Dividend < 0) { diff --git a/MdePkg/Library/BaseLib/MultS64x64.c b/MdePkg/Library/BaseLib/MultS64x64.c index ea80428cc4..f764cc5646 100644 --- a/MdePkg/Library/BaseLib/MultS64x64.c +++ b/MdePkg/Library/BaseLib/MultS64x64.c @@ -38,5 +38,5 @@ MultS64x64 ( IN INT64 Multiplier ) { - return (INT64)MultU64x64 (Multiplicand, Multiplier); + return (INT64)MultU64x64 ((UINT64) Multiplicand, (UINT64) Multiplier); } diff --git a/MdePkg/Library/BaseLib/String.c b/MdePkg/Library/BaseLib/String.c index afbad1d4e3..6702954920 100644 --- a/MdePkg/Library/BaseLib/String.c +++ b/MdePkg/Library/BaseLib/String.c @@ -14,17 +14,6 @@ #include "BaseLibInternals.h" -#define QUOTIENT_MAX_UINTN_DIVIDED_BY_10 ((UINTN) -1 / 10) -#define REMAINDER_MAX_UINTN_DIVIDED_BY_10 ((UINTN) -1 % 10) - -#define QUOTIENT_MAX_UINTN_DIVIDED_BY_16 ((UINTN) -1 / 16) -#define REMAINDER_MAX_UINTN_DIVIDED_BY_16 ((UINTN) -1 % 16) - -#define QUOTIENT_MAX_UINT64_DIVIDED_BY_10 ((UINT64) -1 / 10) -#define REMAINDER_MAX_UINT64_DIVIDED_BY_10 ((UINT64) -1 % 10) - -#define QUOTIENT_MAX_UINT64_DIVIDED_BY_16 ((UINT64) -1 / 16) -#define REMAINDER_MAX_UINT64_DIVIDED_BY_16 ((UINT64) -1 % 16) /** Copies one Null-terminated Unicode string to another Null-terminated Unicode @@ -681,10 +670,7 @@ StrDecimalToUintn ( // If the number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINTN_DIVIDED_BY_10) || - ((Result == QUOTIENT_MAX_UINTN_DIVIDED_BY_10) && - (*String - L'0') <= REMAINDER_MAX_UINTN_DIVIDED_BY_10) - ); + ASSERT (Result <= ((((UINTN) ~0) - (*String - L'0')) / 10)); Result = Result * 10 + (*String - L'0'); String++; @@ -763,10 +749,7 @@ StrDecimalToUint64 ( // If the number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINT64_DIVIDED_BY_10) || - ((Result == QUOTIENT_MAX_UINT64_DIVIDED_BY_10) && - (*String - L'0') <= REMAINDER_MAX_UINT64_DIVIDED_BY_10) - ); + ASSERT (Result <= DivU64x32 (((UINT64) ~0) - (*String - L'0') , 10)); Result = MultU64x32 (Result, 10) + (*String - L'0'); String++; @@ -855,10 +838,7 @@ StrHexToUintn ( // If the Hex Number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINTN_DIVIDED_BY_16) || - ((Result == QUOTIENT_MAX_UINTN_DIVIDED_BY_16) && - (InternalHexCharToUintn (*String) <= REMAINDER_MAX_UINTN_DIVIDED_BY_16)) - ); + ASSERT (Result <= ((((UINTN) ~0) - InternalHexCharToUintn (*String)) >> 4)); Result = (Result << 4) + InternalHexCharToUintn (*String); String++; @@ -949,10 +929,7 @@ StrHexToUint64 ( // If the Hex Number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINT64_DIVIDED_BY_16)|| - ((Result == QUOTIENT_MAX_UINT64_DIVIDED_BY_16) && - (InternalHexCharToUintn (*String) <= REMAINDER_MAX_UINT64_DIVIDED_BY_16)) - ); + ASSERT (Result <= RShiftU64 (((UINT64) ~0) - InternalHexCharToUintn (*String) , 4)); Result = LShiftU64 (Result, 4); Result = Result + InternalHexCharToUintn (*String); @@ -1716,10 +1693,7 @@ AsciiStrDecimalToUintn ( // If the number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINTN_DIVIDED_BY_10) || - ((Result == QUOTIENT_MAX_UINTN_DIVIDED_BY_10) && - (*String - '0') <= REMAINDER_MAX_UINTN_DIVIDED_BY_10) - ); + ASSERT (Result <= ((((UINTN) ~0) - (*String - L'0')) / 10)); Result = Result * 10 + (*String - '0'); String++; @@ -1793,10 +1767,7 @@ AsciiStrDecimalToUint64 ( // If the number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINT64_DIVIDED_BY_10) || - ((Result == QUOTIENT_MAX_UINT64_DIVIDED_BY_10) && - (*String - '0') <= REMAINDER_MAX_UINT64_DIVIDED_BY_10) - ); + ASSERT (Result <= DivU64x32 (((UINT64) ~0) - (*String - L'0') , 10)); Result = MultU64x32 (Result, 10) + (*String - '0'); String++; @@ -1884,10 +1855,7 @@ AsciiStrHexToUintn ( // If the Hex Number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINTN_DIVIDED_BY_16) || - ((Result == QUOTIENT_MAX_UINTN_DIVIDED_BY_16) && - (InternalAsciiHexCharToUintn (*String) <= REMAINDER_MAX_UINTN_DIVIDED_BY_16)) - ); + ASSERT (Result <= ((((UINTN) ~0) - InternalHexCharToUintn (*String)) >> 4)); Result = (Result << 4) + InternalAsciiHexCharToUintn (*String); String++; @@ -1979,10 +1947,7 @@ AsciiStrHexToUint64 ( // If the Hex Number represented by String overflows according // to the range defined by UINTN, then ASSERT(). // - ASSERT ((Result < QUOTIENT_MAX_UINT64_DIVIDED_BY_16) || - ((Result == QUOTIENT_MAX_UINT64_DIVIDED_BY_16) && - (InternalAsciiHexCharToUintn (*String) <= REMAINDER_MAX_UINT64_DIVIDED_BY_16)) - ); + ASSERT (Result <= RShiftU64 (((UINT64) ~0) - InternalHexCharToUintn (*String) , 4)); Result = LShiftU64 (Result, 4); Result = Result + InternalAsciiHexCharToUintn (*String); diff --git a/MdePkg/Library/BaseSynchronizationLib/SynchronizationMsc.c b/MdePkg/Library/BaseSynchronizationLib/SynchronizationMsc.c index 5abfbefcf0..81192db8d1 100644 --- a/MdePkg/Library/BaseSynchronizationLib/SynchronizationMsc.c +++ b/MdePkg/Library/BaseSynchronizationLib/SynchronizationMsc.c @@ -1,7 +1,7 @@ /** @file Implementation of synchronization functions. - Copyright (c) 2006 - 2008, Intel Corporation
+ Copyright (c) 2006 - 2010, Intel Corporation
All rights reserved. This program and the accompanying materials are licensed and made available under the terms and conditions of the BSD License which accompanies this distribution. The full text of the license may be found at @@ -383,7 +383,7 @@ InterlockedCompareExchangePointer ( { UINT8 SizeOfValue; - SizeOfValue = sizeof (*Value); + SizeOfValue = (UINT8) sizeof (*Value); switch (SizeOfValue) { case sizeof (UINT32): diff --git a/MdePkg/Library/PeiHobLib/HobLib.c b/MdePkg/Library/PeiHobLib/HobLib.c index 1815ddf530..b5ea542df9 100644 --- a/MdePkg/Library/PeiHobLib/HobLib.c +++ b/MdePkg/Library/PeiHobLib/HobLib.c @@ -277,7 +277,7 @@ BuildModuleHob ( ASSERT (((MemoryAllocationModule & (EFI_PAGE_SIZE - 1)) == 0) && ((ModuleLength & (EFI_PAGE_SIZE - 1)) == 0)); - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, (UINT16) sizeof (EFI_HOB_MEMORY_ALLOCATION_MODULE)); CopyGuid (&(Hob->MemoryAllocationHeader.Name), &gEfiHobMemoryAllocModuleGuid); Hob->MemoryAllocationHeader.MemoryBaseAddress = MemoryAllocationModule; @@ -319,7 +319,7 @@ BuildResourceDescriptorHob ( { EFI_HOB_RESOURCE_DESCRIPTOR *Hob; - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, sizeof (EFI_HOB_RESOURCE_DESCRIPTOR)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_RESOURCE_DESCRIPTOR, (UINT16) sizeof (EFI_HOB_RESOURCE_DESCRIPTOR)); Hob->ResourceType = ResourceType; Hob->ResourceAttribute = ResourceAttribute; @@ -428,7 +428,7 @@ BuildFvHob ( { EFI_HOB_FIRMWARE_VOLUME *Hob; - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_FV, sizeof (EFI_HOB_FIRMWARE_VOLUME)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_FV, (UINT16) sizeof (EFI_HOB_FIRMWARE_VOLUME)); Hob->BaseAddress = BaseAddress; Hob->Length = Length; @@ -460,7 +460,7 @@ BuildFv2Hob ( { EFI_HOB_FIRMWARE_VOLUME2 *Hob; - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_FV2, sizeof (EFI_HOB_FIRMWARE_VOLUME2)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_FV2, (UINT16) sizeof (EFI_HOB_FIRMWARE_VOLUME2)); Hob->BaseAddress = BaseAddress; Hob->Length = Length; @@ -491,7 +491,7 @@ BuildCvHob ( { EFI_HOB_UEFI_CAPSULE *Hob; - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_UEFI_CAPSULE, sizeof (EFI_HOB_UEFI_CAPSULE)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_UEFI_CAPSULE, (UINT16) sizeof (EFI_HOB_UEFI_CAPSULE)); Hob->BaseAddress = BaseAddress; Hob->Length = Length; @@ -519,7 +519,7 @@ BuildCpuHob ( { EFI_HOB_CPU *Hob; - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_CPU, sizeof (EFI_HOB_CPU)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_CPU, (UINT16) sizeof (EFI_HOB_CPU)); Hob->SizeOfMemorySpace = SizeOfMemorySpace; Hob->SizeOfIoSpace = SizeOfIoSpace; @@ -555,7 +555,7 @@ BuildStackHob ( ASSERT (((BaseAddress & (EFI_PAGE_SIZE - 1)) == 0) && ((Length & (EFI_PAGE_SIZE - 1)) == 0)); - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_STACK)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, (UINT16) sizeof (EFI_HOB_MEMORY_ALLOCATION_STACK)); CopyGuid (&(Hob->AllocDescriptor.Name), &gEfiHobMemoryAllocStackGuid); Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress; @@ -595,7 +595,7 @@ BuildBspStoreHob ( ASSERT (((BaseAddress & (EFI_PAGE_SIZE - 1)) == 0) && ((Length & (EFI_PAGE_SIZE - 1)) == 0)); - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION_BSP_STORE)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, (UINT16) sizeof (EFI_HOB_MEMORY_ALLOCATION_BSP_STORE)); CopyGuid (&(Hob->AllocDescriptor.Name), &gEfiHobMemoryAllocBspStoreGuid); Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress; @@ -635,7 +635,7 @@ BuildMemoryAllocationHob ( ASSERT (((BaseAddress & (EFI_PAGE_SIZE - 1)) == 0) && ((Length & (EFI_PAGE_SIZE - 1)) == 0)); - Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, sizeof (EFI_HOB_MEMORY_ALLOCATION)); + Hob = InternalPeiCreateHob (EFI_HOB_TYPE_MEMORY_ALLOCATION, (UINT16) sizeof (EFI_HOB_MEMORY_ALLOCATION)); ZeroMem (&(Hob->AllocDescriptor.Name), sizeof (EFI_GUID)); Hob->AllocDescriptor.MemoryBaseAddress = BaseAddress; diff --git a/MdePkg/Library/UefiUsbLib/Hid.c b/MdePkg/Library/UefiUsbLib/Hid.c index c14f982184..c64e1524ea 100644 --- a/MdePkg/Library/UefiUsbLib/Hid.c +++ b/MdePkg/Library/UefiUsbLib/Hid.c @@ -67,7 +67,7 @@ UsbGetHidDescriptor ( Request.Request = USB_REQ_GET_DESCRIPTOR; Request.Value = (UINT16) (USB_DESC_TYPE_HID << 8); Request.Index = Interface; - Request.Length = sizeof (EFI_USB_HID_DESCRIPTOR); + Request.Length = (UINT16) sizeof (EFI_USB_HID_DESCRIPTOR); Result = UsbIo->UsbControlTransfer ( UsbIo, -- cgit