SecurityPkg OpalPasswordDxe: Clean password buffer.

author Eric Dong <eric.dong@intel.com>

Wed, 16 Nov 2016 06:15:29 +0000 (14:15 +0800)

committer Star Zeng <star.zeng@intel.com>

Mon, 21 Nov 2016 07:37:57 +0000 (15:37 +0800)
author Eric Dong <eric.dong@intel.com>
Wed, 16 Nov 2016 06:15:29 +0000 (14:15 +0800)
committer Star Zeng <star.zeng@intel.com>
Mon, 21 Nov 2016 07:37:57 +0000 (15:37 +0800)
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c

index c9b1f8e5ea47433035e38fbc1db5336c58290921..1c26a5e3530948ab3c22ec5cc156ff141c2e1674 100644 (file)
--- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c
+++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c
@@ -240,6 +240,7 @@ OpalDriverPopUpHddPassword (
    }\r
  \r
    UnicodeStrToAsciiStrS (Unicode, Ascii, MAX_PASSWORD_SIZE + 1);\r
+  ZeroMem (Unicode, sizeof (Unicode));\r
  \r
    return Ascii;\r
  }\r
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c

index 5e3106acf6b0700a6b9fdb40a1f49c75cb9c2cef..5937ce2613786c54fa71e22f1eb41a4116992318 100644 (file)
--- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
+++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
@@ -694,6 +694,8 @@ HiiPsidRevert(
      Ret = OpalSupportPsidRevert(&Session, Psid.Psid, (UINT32)sizeof(Psid.Psid), OpalDisk->OpalDevicePath);\r
    }\r
  \r
+  ZeroMem (Psid.Psid, PSID_CHARACTER_LENGTH);\r
+\r
    if (Ret == TcgResultSuccess) {\r
      AsciiSPrint( Response, DEFAULT_RESPONSE_SIZE, "%a", "PSID Revert: Success" );\r
    } else {\r
@@ -1099,8 +1101,8 @@ HiiPasswordEntered(
    EFI_STRING_ID            Str\r
    )\r
  {\r
-  OPAL_DISK*                    OpalDisk;\r
-  CHAR8                         Password[MAX_PASSWORD_CHARACTER_LENGTH + 1];\r
+  OPAL_DISK*                   OpalDisk;\r
+  CHAR8                        Password[MAX_PASSWORD_CHARACTER_LENGTH + 1];\r
    CHAR16*                      UniStr;\r
    UINT32                       PassLength;\r
    EFI_STATUS                   Status;\r
@@ -1124,15 +1126,20 @@ HiiPasswordEntered(
    if (UniStr == NULL) {\r
      return EFI_NOT_FOUND;\r
    }\r
+\r
+  HiiSetString(gHiiPackageListHandle, Str, L"", NULL);\r
+\r
    PassLength = (UINT32) StrLen (UniStr);\r
    if (PassLength >= sizeof(Password)) {\r
      HiiSetFormString(STRING_TOKEN(STR_ACTION_STATUS), "Password too long");\r
-    gBS->FreePool(UniStr);\r
+    ZeroMem (UniStr, StrSize (UniStr));\r
+    FreePool(UniStr);\r
      return EFI_BUFFER_TOO_SMALL;\r
    }\r
  \r
    UnicodeStrToAsciiStrS (UniStr, Password, sizeof (Password));\r
-  gBS->FreePool(UniStr);\r
+  ZeroMem (UniStr, StrSize (UniStr));\r
+  FreePool(UniStr);\r
  \r
    if (gHiiConfiguration.SelectedAction == HII_KEY_ID_GOTO_UNLOCK) {\r
      Status = HiiUnlock (OpalDisk, Password, PassLength);\r
@@ -1154,6 +1161,8 @@ HiiPasswordEntered(
      Status = HiiSetPassword(OpalDisk, Password, PassLength);\r
    }\r
  \r
+  ZeroMem (Password, sizeof (Password));\r
+\r
    OpalHiiSetBrowserData ();\r
  \r
    return Status;\r
author	Eric Dong <eric.dong@intel.com>
	Wed, 16 Nov 2016 06:15:29 +0000 (14:15 +0800)
committer	Star Zeng <star.zeng@intel.com>
	Mon, 21 Nov 2016 07:37:57 +0000 (15:37 +0800)
SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c		patch \| blob \| blame \| history
SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c		patch \| blob \| blame \| history