From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received-SPF: Pass (sender SPF authorized) identity=mailfrom; client-ip=192.55.52.120; helo=mga04.intel.com; envelope-from=star.zeng@intel.com; receiver=edk2-devel@lists.01.org Received: from mga04.intel.com (mga04.intel.com [192.55.52.120]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 616932202E485 for ; Wed, 14 Mar 2018 22:46:34 -0700 (PDT) X-Amp-Result: SKIPPED(no attachment in message) X-Amp-File-Uploaded: False Received: from fmsmga005.fm.intel.com ([10.253.24.32]) by fmsmga104.fm.intel.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 14 Mar 2018 22:52:57 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos;i="5.48,308,1517904000"; d="scan'208";a="211725757" Received: from shwdeopenpsi068.ccr.corp.intel.com ([10.239.158.46]) by fmsmga005.fm.intel.com with ESMTP; 14 Mar 2018 22:52:56 -0700 From: Star Zeng To: edk2-devel@lists.01.org Cc: Star Zeng , Jiewen Yao , Eric Dong , Chao Zhang Date: Thu, 15 Mar 2018 13:52:54 +0800 Message-Id: <1521093174-105584-1-git-send-email-star.zeng@intel.com> X-Mailer: git-send-email 2.7.0.windows.1 Subject: [PATCH V2] SecurityPkg OpalPasswordDxe:Fix wrong BufferSize input to UnicodeSPrint X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Mar 2018 05:46:35 -0000 Current code uses string length as BufferSize input to UnicodeSPrint, it is wrong and makes the pop up string trimmed. The BufferSize input to UnicodeSPrint should be the size, in bytes, of the output buffer. This is to use sizeof (mPopUpString) as the BufferSize input to UnicodeSPrint, it also updates array size of mPopUpString from 256 to 100 that is enough, otherwise the pop up string may be too long. Cc: Jiewen Yao Cc: Eric Dong Cc: Chao Zhang Contributed-under: TianoCore Contribution Agreement 1.1 Signed-off-by: Star Zeng --- SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c | 15 +++++---------- 1 file changed, 5 insertions(+), 10 deletions(-) diff --git a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c index 1b55bbe4ecb8..6344deb86750 100644 --- a/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c +++ b/SecurityPkg/Tcg/Opal/OpalPassword/OpalDriver.c @@ -27,7 +27,7 @@ EFI_GUID mOpalDeviceNvmeGuid = OPAL_DEVICE_NVME_GUID; BOOLEAN mOpalEndOfDxe = FALSE; OPAL_REQUEST_VARIABLE *mOpalRequestVariable = NULL; UINTN mOpalRequestVariableSize = 0; -CHAR16 mPopUpString[256]; +CHAR16 mPopUpString[100]; typedef struct { UINT32 Address; @@ -908,9 +908,9 @@ OpalDriverPopUpPasswordInput ( } /** - Check if disk is locked, show popup window and ask for password if it is. + Get pop up string. - @param[in] Dev The device which need to be unlocked. + @param[in] Dev The OPAL device. @param[in] RequestString Request string. **/ @@ -920,15 +920,10 @@ OpalGetPopUpString ( IN CHAR16 *RequestString ) { - UINTN StrLength; - - StrLength = StrLen (RequestString) + 1 + MAX (StrLen (Dev->Name16), StrLen (L"Disk")); - ASSERT (StrLength < sizeof (mPopUpString) / sizeof (CHAR16)); - if (Dev->Name16 == NULL) { - UnicodeSPrint (mPopUpString, StrLength + 1, L"%s Disk", RequestString); + UnicodeSPrint (mPopUpString, sizeof (mPopUpString), L"%s Disk", RequestString); } else { - UnicodeSPrint (mPopUpString, StrLength + 1, L"%s %s", RequestString, Dev->Name16); + UnicodeSPrint (mPopUpString, sizeof (mPopUpString), L"%s %s", RequestString, Dev->Name16); } return mPopUpString; -- 2.7.0.windows.1