MdePkg: Fix conditionally uninitialized variables
Fixes CodeQL alerts for CWE-457: https://cwe.mitre.org/data/definitions/457.html Note that this change affects the actual return value from the following functions. The functions documented that if an integer overflow occurred, MAX_UINTN would be returned. They were implemented to actually return an undefined value from the stack. This change makes the function follow its description. However, this is technically different than what callers may have previously expected. MdePkg/Library/BaseLib/String.c: - StrDecimalToUintn() - StrDecimalToUint64() - StrHexToUintn() - StrHexToUint64() - AsciiStrDecimalToUintn() - AsciiStrDecimalToUint64() - AsciiStrHexToUintn() - AsciiStrHexToUint64() Cc: Erich McMillan <emcmillan@microsoft.com> Cc: Liming Gao <gaoliming@byosoft.com.cn> Cc: Michael D Kinney <michael.d.kinney@intel.com> Cc: Michael Kubacki <mikuback@linux.microsoft.com> Cc: Zhiguang Liu <zhiguang.liu@intel.com> Co-authored-by:Erich McMillan <emcmillan@microsoft.com> Signed-off-by:
Michael Kubacki <michael.kubacki@microsoft.com> Reviewed-by:
Liming Gao <gaoliming@byosoft.com.cn> Reviewed-by:
Oliver Smith-Denny <osd@smith-denny.com>
Loading
Please register or sign in to comment