From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mga01.intel.com (mga01.intel.com [192.55.52.88]) by mx.groups.io with SMTP id smtpd.web11.1334.1685946613916743769 for ; Sun, 04 Jun 2023 23:30:14 -0700 Authentication-Results: mx.groups.io; dkim=fail reason="unable to parse pub key" header.i=@intel.com header.s=intel header.b=jw9IdDFD; spf=pass (domain: intel.com, ip: 192.55.52.88, mailfrom: yi1.li@intel.com) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=intel.com; i=@intel.com; q=dns/txt; s=Intel; t=1685946613; x=1717482613; h=from:to:cc:subject:date:message-id:mime-version: content-transfer-encoding; bh=NsTHeOWFKKBvGlUKVV6NJ/A/iwvSON/Uk3FzFOlk5lA=; b=jw9IdDFDkxvV6a5doxTg2+uMAAcycUYxEV7ISt7PNlUlBuqC2lKQh1S8 Ha56D/pBRPKSGMwy/kztoSwAGp3f+d8dVTp9CVh6WzugPzlPtakmztGA5 fO73MvxLvbTFaF7K7tv4RICevQSo+DLcWAhux5XSIKDsJCyIJKh+egnk+ BHDjUOAp+Ta86KJOhbqxLqWfPta467bKc8LuKWKvFjj5krIFmHNrkfILg k/Q68UMSKyxamuZugz35h2ZA1Nil8AZvbqCkBxtFl6nztKdlVXRSuRrJj p7G91nn/W51kb/JNkHEmz1IozAjN6pM9zba4GbB0XRX79byRpZvlfpUAK g==; X-IronPort-AV: E=McAfee;i="6600,9927,10731"; a="384593533" X-IronPort-AV: E=Sophos;i="6.00,217,1681196400"; d="scan'208";a="384593533" Received: from orsmga006.jf.intel.com ([10.7.209.51]) by fmsmga101.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Jun 2023 23:30:13 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=McAfee;i="6600,9927,10731"; a="686003332" X-IronPort-AV: E=Sophos;i="6.00,217,1681196400"; d="scan'208";a="686003332" Received: from liyi4-desktop.ccr.corp.intel.com ([10.239.153.10]) by orsmga006-auth.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384; 04 Jun 2023 23:30:11 -0700 From: "Li, Yi" To: devel@edk2.groups.io Cc: Yi Li , Maciej Rabeda , Siyuan Fu Subject: [PATCH] NetworkPkg: Correct the length of EAP Identity when in ASCII format Date: Mon, 5 Jun 2023 14:29:57 +0800 Message-Id: <20230605062957.8331-1-yi1.li@intel.com> X-Mailer: git-send-email 2.31.1.windows.1 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit FIX: https://bugzilla.tianocore.org/show_bug.cgi?id=4477 Tls connection fail over WiFi in AMT OCR flow due to invalid identity. This was due to missing conversion between unicode and ascii string which resulted in invalid strlen. Cc: Maciej Rabeda Cc: Siyuan Fu Signed-off-by: Yi Li --- .../WifiConnectionMgrImpl.c | 14 ++++++++++++-- 1 file changed, 12 insertions(+), 2 deletions(-) diff --git a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c index 2e596c1981..e1430251c8 100644 --- a/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c +++ b/NetworkPkg/WifiConnectionManagerDxe/WifiConnectionMgrImpl.c @@ -572,7 +572,14 @@ WifiMgrConfigEap ( // Set Identity to Eap peer, Mandatory field for PEAP and TTLS // if (StrLen (Profile->EapIdentity) > 0) { - IdentitySize = sizeof (CHAR8) * (StrLen (Profile->EapIdentity) + 1); + Status = gBS->LocateProtocol (&gWiFiProfileSyncProtocolGuid, NULL, (VOID **) &WiFiProfileSyncProtocol); + if (!EFI_ERROR (Status) && WiFiProfileSyncProtocol != NULL) { + /* Max size of EapIdentity ::= sizeof (CHAR16) * sizeof (Profile->EapIdentity) ::= 2 * EAP_IDENTITY_SIZE */ + IdentitySize = sizeof (CHAR8) * (AsciiStrnLenS ((CHAR8 *) Profile->EapIdentity, sizeof (CHAR16) * sizeof (Profile->EapIdentity)) + 1); + } else { + IdentitySize = sizeof (CHAR8) * (StrLen(Profile->EapIdentity) + 1); + } + Identity = AllocateZeroPool (IdentitySize); if (Identity == NULL) { return EFI_OUT_OF_RESOURCES; @@ -580,7 +587,10 @@ WifiMgrConfigEap ( Status = gBS->LocateProtocol (&gEdkiiWiFiProfileSyncProtocolGuid, NULL, (VOID **)&WiFiProfileSyncProtocol); if (!EFI_ERROR (Status)) { - CopyMem (Identity, &Profile->EapIdentity, IdentitySize); + /* The size of Identity from Username may equal + to the max size of EapIdentity(EAP_IDENTITY_SIZE*2=128 bytes), + so here only valid characters except NULL characters are copied. */ + CopyMem (Identity, &Profile->EapIdentity, IdentitySize - 1); } else { UnicodeStrToAsciiStrS (Profile->EapIdentity, Identity, IdentitySize); } -- 2.31.1.windows.1