Reviewed-by: Dandan Bi <[email protected]>
Thanks, Dandan > -----Original Message----- > From: Kubacki, Michael A > Sent: Tuesday, August 27, 2019 9:36 AM > To: [email protected] > Cc: Bi, Dandan <[email protected]>; Gao, Liming <[email protected]> > Subject: [edk2-platforms][PATCH V1 1/1] > UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences > > REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2115 > > Cc: Dandan Bi <[email protected]> > Cc: Liming Gao <[email protected]> > Signed-off-by: Michael Kubacki <[email protected]> > --- > > Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentic > ation2Dxe.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git > a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen > tication2Dxe.c > b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen > tication2Dxe.c > index 55b264f4ff..b4326d380f 100644 > --- > a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen > tication2Dxe.c > +++ > b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen > tication2Dxe.c > @@ -300,13 +300,16 @@ UserAuthenticationCallback ( > switch (mUserAuthenticationData->PasswordState) { > case BROWSER_STATE_VALIDATE_PASSWORD: > UserInputPassword = HiiGetString (mUserAuthenticationData- > >HiiHandle, Value->string, NULL); > + if (UserInputPassword == NULL) { > + return EFI_UNSUPPORTED; > + } > if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) { > Status = EFI_NOT_READY; > break; > } > if (UserInputPassword[0] == 0) { > // > - // Setup will use a NULL password to check whether the old > password > is set, > + // Setup will use an empty password to check whether the old > password is set, > // If the validation is successful, means there is no old > password, > return > // success to set the new password. Or need to return > EFI_NOT_READY to > // let user input the old password. > @@ -343,6 +346,9 @@ UserAuthenticationCallback ( > > case BROWSER_STATE_SET_PASSWORD: > UserInputPassword = HiiGetString (mUserAuthenticationData- > >HiiHandle, Value->string, NULL); > + if (UserInputPassword == NULL) { > + return EFI_UNSUPPORTED; > + } > if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) { > Status = EFI_NOT_READY; > break; > -- > 2.16.2.windows.1 -=-=-=-=-=-=-=-=-=-=-=- Groups.io Links: You receive all messages sent to this group. View/Reply Online (#46501): https://edk2.groups.io/g/devel/message/46501 Mute This Topic: https://groups.io/mt/33041774/21656 Group Owner: [email protected] Unsubscribe: https://edk2.groups.io/g/devel/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
