public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
* [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences
@ 2019-08-27  1:35 Kubacki, Michael A
  2019-08-28  0:28 ` Dandan Bi
  0 siblings, 1 reply; 2+ messages in thread
From: Kubacki, Michael A @ 2019-08-27  1:35 UTC (permalink / raw)
  To: devel; +Cc: Dandan Bi, Liming Gao

REF:https://bugzilla.tianocore.org/show_bug.cgi?id=2115

Cc: Dandan Bi <dandan.bi@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Signed-off-by: Michael Kubacki <michael.a.kubacki@intel.com>
---
 Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c
index 55b264f4ff..b4326d380f 100644
--- a/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c
+++ b/Platform/Intel/UserInterfaceFeaturePkg/UserAuthentication/UserAuthentication2Dxe.c
@@ -300,13 +300,16 @@ UserAuthenticationCallback (
         switch (mUserAuthenticationData->PasswordState) {
         case BROWSER_STATE_VALIDATE_PASSWORD:
           UserInputPassword = HiiGetString (mUserAuthenticationData->HiiHandle, Value->string, NULL);
+          if (UserInputPassword == NULL) {
+            return EFI_UNSUPPORTED;
+          }
           if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
             Status = EFI_NOT_READY;
             break;
           }
           if (UserInputPassword[0] == 0) {
             //
-            // Setup will use a NULL password to check whether the old password is set,
+            // Setup will use an empty password to check whether the old password is set,
             // If the validation is successful, means there is no old password, return
             // success to set the new password. Or need to return EFI_NOT_READY to
             // let user input the old password.
@@ -343,6 +346,9 @@ UserAuthenticationCallback (
 
         case BROWSER_STATE_SET_PASSWORD:
           UserInputPassword = HiiGetString (mUserAuthenticationData->HiiHandle, Value->string, NULL);
+          if (UserInputPassword == NULL) {
+            return EFI_UNSUPPORTED;
+          }
           if ((StrLen (UserInputPassword) >= PASSWORD_MAX_SIZE)) {
             Status = EFI_NOT_READY;
             break;
-- 
2.16.2.windows.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2019-08-28  0:29 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2019-08-27  1:35 [edk2-platforms][PATCH V1 1/1] UserInterfacePkg/UserAuthentication: Fix NULL pointer dereferences Kubacki, Michael A
2019-08-28  0:28 ` Dandan Bi

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox