* [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences
@ 2019-08-27 1:35 Kubacki, Michael A
2019-08-28 0:28 ` Dandan Bi
0 siblings, 1 reply; 2+ messages in thread
From: Kubacki, Michael A @ 2019-08-27 1:35 UTC (permalink / raw)
To: devel; +Cc: Dandan Bi, Liming Gao
REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2115
Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c
index 55b264f4ff..b4326d380f 100644
--- a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c
+++ b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c
@@ -300,13 +300,16 @@ UserAuthenticationCallback (
switch (mUserAuthenticationData->PasswordState) {
case BROWSER_STATE_VALIDATE_PASSWORD:
UserInputPassword = HiiGetString (mUserAuthenticationData->HiiHandle, Value->string, NULL);
+ if (UserInputPassword == NULL) {
+ return EFI_UNSUPPORTED;
+ }
if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
Status = EFI_NOT_READY;
break;
}
if (UserInputPassword[0] == 0) {
//
- // Setup will use a NULL password to check whether the old password is set,
+ // Setup will use an empty password to check whether the old password is set,
// If the validation is successful, means there is no old password, return
// success to set the new password. Or need to return EFI_NOT_READY to
// let user input the old password.
@@ -343,6 +346,9 @@ UserAuthenticationCallback (
case BROWSER_STATE_SET_PASSWORD:
UserInputPassword = HiiGetString (mUserAuthenticationData->HiiHandle, Value->string, NULL);
+ if (UserInputPassword == NULL) {
+ return EFI_UNSUPPORTED;
+ }
if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
Status = EFI_NOT_READY;
break;
--
2.16.2.windows.1
^ permalink raw reply related [flat|nested] 2+ messages in thread* Re: [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences
2019-08-27 1:35 [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences Kubacki, Michael A
@ 2019-08-28 0:28 ` Dandan Bi
0 siblings, 0 replies; 2+ messages in thread
From: Dandan Bi @ 2019-08-28 0:28 UTC (permalink / raw)
To: Kubacki, Michael A, devel@edk2.groups.io; +Cc: Gao, Liming
Reviewed-by: Dandan Bi <dandan.bi@intel.com>
Thanks,
Dandan
> -----Original Message-----
> From: Kubacki, Michael A
> Sent: Tuesday, August 27, 2019 9:36 AM
> To: devel@edk2.groups.io
> Cc: Bi, Dandan <dandan.bi@intel.com>; Gao, Liming <liming.gao@intel.com>
> Subject: [edk2-platforms][PATCH V1 1/1]
> UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences
>
> REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2115
>
> Cc: Dandan Bi <dandan.bi@intel.com>
> Cc: Liming Gao <liming.gao@intel.com>
> Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
> ---
>
> Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentic
> ation2Dxe.c | 8 +++++++-
> 1 file changed, 7 insertions(+), 1 deletion(-)
>
> diff --git
> a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> index 55b264f4ff..b4326d380f 100644
> ---
> a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> +++
> b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthen
> tication2Dxe.c
> @@ -300,13 +300,16 @@ UserAuthenticationCallback (
> switch (mUserAuthenticationData->PasswordState) {
> case BROWSER_STATE_VALIDATE_PASSWORD:
> UserInputPassword = HiiGetString (mUserAuthenticationData-
> >HiiHandle, Value->string, NULL);
> + if (UserInputPassword == NULL) {
> + return EFI_UNSUPPORTED;
> + }
> if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
> Status = EFI_NOT_READY;
> break;
> }
> if (UserInputPassword[0] == 0) {
> //
> - // Setup will use a NULL password to check whether the old password
> is set,
> + // Setup will use an empty password to check whether the old
> password is set,
> // If the validation is successful, means there is no old password,
> return
> // success to set the new password. Or need to return
> EFI_NOT_READY to
> // let user input the old password.
> @@ -343,6 +346,9 @@ UserAuthenticationCallback (
>
> case BROWSER_STATE_SET_PASSWORD:
> UserInputPassword = HiiGetString (mUserAuthenticationData-
> >HiiHandle, Value->string, NULL);
> + if (UserInputPassword == NULL) {
> + return EFI_UNSUPPORTED;
> + }
> if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
> Status = EFI_NOT_READY;
> break;
> --
> 2.16.2.windows.1
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2019-08-28 0:29 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-08-27 1:35 [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences Kubacki, Michael A
2019-08-28 0:28 ` Dandan Bi
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox