Is there a reason to not just always start with allocating the 400 and then we don't need to complicate the end to conditionally free the buffer?
> -----Original Message----- > From: edk2-devel [mailto:edk2-devel-boun...@lists.01.org] On Behalf Of Witt, > Sebastian > Sent: Tuesday, January 24, 2017 5:14 AM > To: edk2-devel@lists.01.org > Subject: [edk2] [PATCH] Fix edit on screens with more than 200 columns > Importance: High > > If the shell edit command is used on a screen with more than > 200 columns, we get a buffer overflow. This increases the default buffer size > to > 400 columns and allocates a pool when this is not enough. > > Contributed-under: TianoCore Contribution Agreement 1.0 > Signed-off-by: Sebastian Witt <sebastian.w...@siemens.com> > > --- > .../UefiShellDebug1CommandsLib.c | 15 > ++++++++++++++- > 1 file changed, 14 insertions(+), 1 deletion(-) > > diff --git > a/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLi > b.c > b/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLi > b.c > index 6ebf002..d81dd01 100644 > --- > a/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1CommandsLi > b.c > +++ > b/ShellPkg/Library/UefiShellDebug1CommandsLib/UefiShellDebug1Command > +++ sLib.c > @@ -302,12 +302,21 @@ EditorClearLine ( > IN UINTN LastRow > ) > { > - CHAR16 Line[200]; > + CHAR16 Buffer[400]; > + CHAR16 *Line = Buffer; > > if (Row == 0) { > Row = 1; > } > > + // If there are more columns than our buffer can contain, allocate > + new buffer if (LastCol >= (sizeof (Buffer) / sizeof (CHAR16))) { > + Line = AllocateZeroPool (LastCol*(sizeof(CHAR16) + 1)); > + if (Line == NULL) { > + return; > + } > + } > + > // > // prepare a blank line > // > @@ -326,6 +335,10 @@ EditorClearLine ( > // print out the blank line > // > ShellPrintEx (0, ((INT32)Row) - 1, Line); > + > + // Free if allocated > + if (Line != Buffer) > + FreePool (Line); > } > > /** > -- > 2.1.4 > > With best regards, > Sebastian Witt > > Siemens AG > Digital Factory Division > Factory Automation > Automation Products and Systems > DF FA AS DH KHE 1 > Oestliche Rheinbrueckenstr. 50 > 76187 Karlsruhe, Germany > Tel.: +49 721 595-5326 > mailto:sebastian.w...@siemens.com > > www.siemens.com/ingenuityforlife > > Siemens Aktiengesellschaft: Chairman of the Supervisory Board: Gerhard > Cromme; Managing Board: Joe Kaeser, Chairman, President and Chief Executive > Officer; Roland Busch, Lisa Davis, Klaus Helmrich, Janina Kugel, Siegfried > Russwurm, Ralf P. Thomas; Registered offices: Berlin and Munich, Germany; > Commercial registries: Berlin Charlottenburg, HRB 12300, Munich, HRB 6684; > WEEE-Reg.-No. DE 23691322 > _______________________________________________ > edk2-devel mailing list > edk2-devel@lists.01.org > https://lists.01.org/mailman/listinfo/edk2-devel _______________________________________________ edk2-devel mailing list edk2-devel@lists.01.org https://lists.01.org/mailman/listinfo/edk2-devel
