[edk2] [PATCH 2/2] PerformancePkg Dp_App: Resolve buffer size mismatch

Thu, 25 Jun 2015 22:23:43 -0700 

CHAR16 array mGaugeString[DP_GAUGE_STRING_LENGTH + 1] is pass into
function GetShortPdbFileName(). However, in this function it treats the
size of the input buffer as DXE_PERFORMANCE_STRING_SIZE.

Though DXE_PERFORMANCE_STRING_SIZE is smaller than DP_GAUGE_STRING_LENGTH
now, but this manner might introduce a potential risk of buffer overflow.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Hao Wu <hao.a...@intel.com>
Reviewed-by: Star Zeng <star.z...@intel.com>
---
 PerformancePkg/Dp_App/DpUtilities.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/PerformancePkg/Dp_App/DpUtilities.c 
b/PerformancePkg/Dp_App/DpUtilities.c
index 38d2293..38d7aa3 100644
--- a/PerformancePkg/Dp_App/DpUtilities.c
+++ b/PerformancePkg/Dp_App/DpUtilities.c
@@ -156,10 +156,10 @@ GetShortPdbFileName (
   UINTN StartIndex;
   UINTN EndIndex;
 
-  ZeroMem (UnicodeBuffer, DXE_PERFORMANCE_STRING_LENGTH * sizeof (CHAR16));
+  ZeroMem (UnicodeBuffer, (DP_GAUGE_STRING_LENGTH + 1) * sizeof (CHAR16));
 
   if (PdbFileName == NULL) {
-    StrCpyS (UnicodeBuffer, DXE_PERFORMANCE_STRING_SIZE, L" ");
+    StrCpyS (UnicodeBuffer, DP_GAUGE_STRING_LENGTH + 1, L" ");
   } else {
     StartIndex = 0;
     for (EndIndex = 0; PdbFileName[EndIndex] != 0; EndIndex++)
@@ -178,8 +178,8 @@ GetShortPdbFileName (
     for (IndexA = StartIndex; IndexA < EndIndex; IndexA++) {
       UnicodeBuffer[IndexU] = (CHAR16) PdbFileName[IndexA];
       IndexU++;
-      if (IndexU >= DXE_PERFORMANCE_STRING_LENGTH) {
-        UnicodeBuffer[DXE_PERFORMANCE_STRING_LENGTH] = 0;
+      if (IndexU >= DP_GAUGE_STRING_LENGTH) {
+        UnicodeBuffer[DP_GAUGE_STRING_LENGTH] = 0;
         break;
       }
     }
-- 
1.9.5.msysgit.0


------------------------------------------------------------------------------
Monitor 25 network devices or servers for free with OpManager!
OpManager is web-based network management software that monitors 
network devices and physical & virtual servers, alerts via email & sms 
for fault. Monitor 25 devices for free with no restriction. Download now
http://ad.doubleclick.net/ddm/clk/292181274;119417398;o
_______________________________________________
edk2-devel mailing list
edk2-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-devel

Reply via email to