[tianocore/edk2] 904e34: SecurityPkg OpalPasswordDxe: Fix buffer overflow i...

GitHub Tue, 02 Aug 2016 19:07:29 -0700

  Branch: refs/heads/UDK2015
  Home:   https://github.com/tianocore/edk2
  Commit: 904e345d94f1ed6400f1fe5c4831bc1975971899
      
https://github.com/tianocore/edk2/commit/904e345d94f1ed6400f1fe5c4831bc1975971899
  Author: Dong, Eric <eric.d...@intel.com>
  Date:   2016-08-03 (Wed, 03 Aug 2016)


  Changed paths:
    M SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
    M SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHiiFormValues.h

  Log Message:
  -----------
  SecurityPkg OpalPasswordDxe: Fix buffer overflow issue.

In current code, PSID is processed as string and the length is 0x20.
Current code only reserved 0x20 length buffer for it, no extra buffer
for the '\0'. When driver call UnicodeStrToAsciiStrS to convert PSID,
it search the '\0' for the end. So extra dirty data saved in PSID
info which caused PSID revert action failed. This patch reserved
extra 1 byte data for the '\0'.

Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.d...@intel.com>
Cc: Star Zeng <star.z...@intel.com>
Reviewed-by: Star Zeng <star.z...@intel.com>
(cherry picked from commit 4636e4426a31802c25bd8409be9031c4d20324f4)

------------------------------------------------------------------------------

_______________________________________________
edk2-commits mailing list
edk2-commits@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/edk2-commits

[tianocore/edk2] 904e34: SecurityPkg OpalPasswordDxe: Fix buffer overflow i...

Reply via email to