From: Star Zeng Date: Thu, 15 Mar 2018 05:50:31 +0000 (+0800) Subject: SecurityPkg OpalPasswordDxe:Fix wrong BufferSize input to UnicodeSPrint X-Git-Tag: edk2-stable201903~2096 X-Git-Url: https://git.proxmox.com/?p=mirror_edk2.git;a=commitdiff_plain;h=aa0857304e83801ce8c673504625aa3307abb82f SecurityPkg OpalPasswordDxe:Fix wrong BufferSize input to UnicodeSPrint Current code uses string length as BufferSize input to UnicodeSPrint, it is wrong and makes the pop up string trimmed. The BufferSize input to UnicodeSPrint should be the size, in bytes, of the output buffer. This is to use sizeof (mPopUpString) as the BufferSize input to UnicodeSPrint, it also updates array size of mPopUpString from 256 to 100 that is enough, otherwise the pop up string may be too long. Cc: Jiewen Yao Cc: Eric Dong Cc: Chao Zhang Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng Reviewed-by: Jiewen Yao --- diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c index 1b55bbe4ec..4133e503e2 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c @@ -27,7 +27,7 @@ EFI_GUID mOpalDeviceNvmeGuid = OPAL_DEVICE_NVME_GUID; BOOLEAN mOpalEndOfDxe = FALSE; OPAL_REQUEST_VARIABLE *mOpalRequestVariable = NULL; UINTN mOpalRequestVariableSize = 0; -CHAR16 mPopUpString[256]; +CHAR16 mPopUpString[100]; typedef struct { UINT32 Address; @@ -659,7 +659,7 @@ OpalEndOfDxeEventNotify ( @param[in] PopUpString Pop up string. @param[out] PressEsc Whether user escape function through Press ESC. - @retval Password string if success. NULL if failed. + @retval Psid string if success. NULL if failed. **/ CHAR8 * @@ -908,11 +908,13 @@ OpalDriverPopUpPasswordInput ( } /** - Check if disk is locked, show popup window and ask for password if it is. + Get pop up string. - @param[in] Dev The device which need to be unlocked. + @param[in] Dev The OPAL device. @param[in] RequestString Request string. + @return Pop up string. + **/ CHAR16 * OpalGetPopUpString ( @@ -920,15 +922,10 @@ OpalGetPopUpString ( IN CHAR16 *RequestString ) { - UINTN StrLength; - - StrLength = StrLen (RequestString) + 1 + MAX (StrLen (Dev->Name16), StrLen (L"Disk")); - ASSERT (StrLength < sizeof (mPopUpString) / sizeof (CHAR16)); - if (Dev->Name16 == NULL) { - UnicodeSPrint (mPopUpString, StrLength + 1, L"%s Disk", RequestString); + UnicodeSPrint (mPopUpString, sizeof (mPopUpString), L"%s Disk", RequestString); } else { - UnicodeSPrint (mPopUpString, StrLength + 1, L"%s %s", RequestString, Dev->Name16); + UnicodeSPrint (mPopUpString, sizeof (mPopUpString), L"%s %s", RequestString, Dev->Name16); } return mPopUpString;