From 5f2b325e4d99bd55e4c4a2dfcfd2f7f3763009a7 Mon Sep 17 00:00:00 2001
From: Dandan Bi <dandan.bi@intel.com>
Date: Mon, 16 Oct 2017 11:37:08 +0800
Subject: [PATCH] Security/OpalHii.c: Handle NULL Request or Request with no
 elements

According to UEFI spec, for the ExtractConfig function in
EFI_HII_CONFIG_ACCESS_PROTOCOL,If a NULL is passed in for the Request
field or if a ConfigHdr is passed in with no request elements, all of
the settings being abstracted by this function will be returned in the
Results field.

The implementation of ExtractConfig function in OpalHii.c misses to
handle above cases.This patch is to do the enhancements.

Cc: Chao Zhang <chao.b.zhang@intel.com>
Cc: Eric Dong <eric.dong@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.1
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
---
 .../Tcg/Opal/OpalPasswordDxe/OpalHii.c        | 46 ++++++++++++++++++-
 1 file changed, 45 insertions(+), 1 deletion(-)

diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
index 4881e72c55..e3bde4275d 100644
--- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
+++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
@@ -1280,6 +1280,12 @@ ExtractConfig(
   )
 {
   EFI_STATUS                              Status;
+  EFI_STRING                              ConfigRequest;
+  EFI_STRING                              ConfigRequestHdr;
+  UINTN                                   BufferSize;
+  UINTN                                   Size;
+  BOOLEAN                                 AllocatedRequest;
+  EFI_HANDLE                              DriverHandle;
 
   //
   // Check for valid parameters
@@ -1294,18 +1300,56 @@ ExtractConfig(
     return EFI_NOT_FOUND;
   }
 
+  AllocatedRequest = FALSE;
+  BufferSize = sizeof (OPAL_HII_CONFIGURATION);
+  ConfigRequest = Request;
+  if ((Request == NULL) || (StrStr (Request, L"OFFSET") == NULL)) {
+    //
+    // Request has no request element, construct full request string.
+    // Allocate and fill a buffer large enough to hold the <ConfigHdr> template
+    // followed by "&OFFSET=0&WIDTH=WWWWWWWWWWWWWWWW" followed by a Null-terminator
+    //
+    DriverHandle = HiiGetDriverImageHandleCB();
+    ConfigRequestHdr = HiiConstructConfigHdr (&gHiiSetupVariableGuid, OpalPasswordStorageName, DriverHandle);
+    Size = (StrLen (ConfigRequestHdr) + 32 + 1) * sizeof (CHAR16);
+    ConfigRequest = AllocateZeroPool (Size);
+    if (ConfigRequest == NULL) {
+      return EFI_OUT_OF_RESOURCES;
+    }
+    AllocatedRequest = TRUE;
+    UnicodeSPrint (ConfigRequest, Size, L"%s&OFFSET=0&WIDTH=%016LX", ConfigRequestHdr, (UINT64)BufferSize);
+    FreePool (ConfigRequestHdr);
+  }
+
   //
   // Convert Buffer Data to <ConfigResp> by helper function BlockToConfig( )
   //
   Status = gHiiConfigRouting->BlockToConfig(
                gHiiConfigRouting,
-               Request,
+               ConfigRequest,
                (UINT8*)&gHiiConfiguration,
                sizeof(OPAL_HII_CONFIGURATION),
                Results,
                Progress
            );
 
+  //
+  // Free the allocated config request string.
+  //
+  if (AllocatedRequest) {
+    FreePool (ConfigRequest);
+    ConfigRequest = NULL;
+  }
+
+  //
+  // Set Progress string to the original request string.
+  //
+  if (Request == NULL) {
+    *Progress = NULL;
+  } else if (StrStr (Request, L"OFFSET") == NULL) {
+    *Progress = Request + StrLen (Request);
+  }
+
   return (Status);
 }
 
-- 
2.39.2