SecurityPkg OpalPasswordDxe:Fix wrong BufferSize input to UnicodeSPrint

Current code uses string length as BufferSize input to UnicodeSPrint,
it is wrong and makes the pop up string trimmed. The BufferSize input
to UnicodeSPrint should be the size, in bytes, of the output buffer.

This is to use sizeof (mPopUpString) as the BufferSize input to
UnicodeSPrint, it also updates array size of mPopUpString from 256 to
100 that is enough, otherwise the pop up string may be too long.

Cc: Jiewen Yao <jiewen.yao@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Cc: Chao Zhang <chao.b.zhang@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Star Zeng <star.zeng@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>

diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
index 1b55bbe4ecb840f12c32cd2002cfe42b753e087b..4133e503e2fc58c8109d7e17f42260d72a9e9ebb 100644 (file)
--- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
+++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c
@@ -27,7 +27,7 @@ EFI_GUID mOpalDeviceNvmeGuid = OPAL_DEVICE_NVME_GUID;
 BOOLEAN                 mOpalEndOfDxe = FALSE;\r
 OPAL_REQUEST_VARIABLE   *mOpalRequestVariable = NULL;\r
 UINTN                   mOpalRequestVariableSize = 0;\r
 BOOLEAN                 mOpalEndOfDxe = FALSE;\r
 OPAL_REQUEST_VARIABLE   *mOpalRequestVariable = NULL;\r
 UINTN                   mOpalRequestVariableSize = 0;\r

-CHAR16                  mPopUpString[256];\r
+CHAR16                  mPopUpString[100];\r

 \r
 typedef struct {\r
   UINT32                   Address;\r
 \r
 typedef struct {\r
   UINT32                   Address;\r


@@ -659,7 +659,7 @@ OpalEndOfDxeEventNotify (
   @param[in]  PopUpString   Pop up string.\r
   @param[out] PressEsc      Whether user escape function through Press ESC.\r
 \r
   @param[in]  PopUpString   Pop up string.\r
   @param[out] PressEsc      Whether user escape function through Press ESC.\r
 \r

-  @retval Password string if success. NULL if failed.\r
+  @retval Psid string if success. NULL if failed.\r

 \r
 **/\r
 CHAR8 *\r
 \r
 **/\r
 CHAR8 *\r


@@ -908,11 +908,13 @@ OpalDriverPopUpPasswordInput (
 }\r
 \r
 /**\r
 }\r
 \r
 /**\r

-  Check if disk is locked, show popup window and ask for password if it is.\r
+  Get pop up string.\r

 \r
 \r

-  @param[in] Dev            The device which need to be unlocked.\r
+  @param[in] Dev            The OPAL device.\r

   @param[in] RequestString  Request string.\r
 \r
   @param[in] RequestString  Request string.\r
 \r

+  @return Pop up string.\r
+\r

 **/\r
 CHAR16 *\r
 OpalGetPopUpString (\r
 **/\r
 CHAR16 *\r
 OpalGetPopUpString (\r


@@ -920,15 +922,10 @@ OpalGetPopUpString (
   IN CHAR16             *RequestString\r
   )\r
 {\r
   IN CHAR16             *RequestString\r
   )\r
 {\r

-  UINTN                 StrLength;\r
-\r
-  StrLength = StrLen (RequestString) + 1 + MAX (StrLen (Dev->Name16), StrLen (L"Disk"));\r
-  ASSERT (StrLength < sizeof (mPopUpString) / sizeof (CHAR16));\r
-\r

   if (Dev->Name16 == NULL) {\r
   if (Dev->Name16 == NULL) {\r

-    UnicodeSPrint (mPopUpString, StrLength + 1, L"%s Disk", RequestString);\r
+    UnicodeSPrint (mPopUpString, sizeof (mPopUpString), L"%s Disk", RequestString);\r

   } else {\r
   } else {\r

-    UnicodeSPrint (mPopUpString, StrLength + 1, L"%s %s", RequestString, Dev->Name16);\r
+    UnicodeSPrint (mPopUpString, sizeof (mPopUpString), L"%s %s", RequestString, Dev->Name16);\r

   }\r
 \r
   return mPopUpString;\r
   }\r
 \r
   return mPopUpString;\r