[edk2-devel] [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences
Dandan Bi
dandan.bi at intel.com
Wed Aug 28 00:28:56 UTC 2019
Reviewed-by: Dandan Bi <dandan.bi at intel.com>
Thanks,
Dandan
> -----Original Message-----
> From: Kubacki, Michael A
> Sent: Tuesday, August 27, 2019 9:36 AM
> To: devel at edk2.groups.io
> Cc: Bi, Dandan <dandan.bi at intel.com>; Gao, Liming <liming.gao at intel.com>
> Subject: [edk2-platforms][PATCH V1 1/1]
> UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2115
>
> Cc: Dandan Bi <dandan.bi at intel.com>
> Cc: Liming Gao <liming.gao at intel.com>
> Signed-off-by: Michael Kubacki <michael.a.kubacki at intel.com>
> ---
>
> Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentic
> ation2Dxe.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git
> a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> index 55b264f4ff..b4326d380f 100644
> ---
> a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> +++
> b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> @@ -300,13 +300,16 @@ UserAuthenticationCallback (
> switch (mUserAuthenticationData->PasswordState) {
> case BROWSER_STATE_VALIDATE_PASSWORD:
> UserInputPassword = HiiGetString (mUserAuthenticationData-
> >HiiHandle, Value->string, NULL);
> + if (UserInputPassword == NULL) {
> + return EFI_UNSUPPORTED;
> + }
> if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
> Status = EFI_NOT_READY;
> break;
> }
> if (UserInputPassword[0] == 0) {
> //
> - // Setup will use a NULL password to check whether the old password
> is set,
> + // Setup will use an empty password to check whether the old
> password is set,
> // If the validation is successful, means there is no old password,
> return
> // success to set the new password. Or need to return
> EFI_NOT_READY to
> // let user input the old password.
> @@ -343,6 +346,9 @@ UserAuthenticationCallback (
>
> case BROWSER_STATE_SET_PASSWORD:
> UserInputPassword = HiiGetString (mUserAuthenticationData-
> >HiiHandle, Value->string, NULL);
> + if (UserInputPassword == NULL) {
> + return EFI_UNSUPPORTED;
> + }
> if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
> Status = EFI_NOT_READY;
> break;
> --
> 2.16.2.windows.1
-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#46501): https://edk2.groups.io/g/devel/message/46501
Mute This Topic: https://groups.io/mt/33041774/1813853
Group Owner: devel+owner at edk2.groups.io
Unsubscribe: https://edk2.groups.io/g/devel/unsub [edk2-devel-archive at redhat.com]
-=-=-=-=-=-=-=-=-=-=-=-
More information about the edk2-devel-archive
mailing list