sravan/system76-edk2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

1. Use the max string size to compare password string.

Browse Source 
2. Check whether the local variable is valid as the array index.

git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10473 6f19259b-4bc3-4df7-8a09-765794883524
This commit is contained in:
lgao4
2010-05-10 02:17:31 +00:00
parent 61f0f4375b
commit e35eb8af7b
3 changed files with 8 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c
View File

@@ -187,7 +187,7 @@ ValidatePassword (
ASSERT (EncodedPassword != NULL);
StrnCpy (EncodedPassword, Password, StrLen (Password));
EncodePassword (EncodedPassword, StrLen (EncodedPassword) * sizeof (CHAR16));
if (CompareMem (EncodedPassword, PrivateData->Configuration.WhatIsThePassword2, StrLen (EncodedPassword) * sizeof (CHAR16)) != 0) {
if (CompareMem (EncodedPassword, PrivateData->Configuration.WhatIsThePassword2, PasswordMaxSize) != 0) {
//
// Old password mismatch, return EFI_NOT_READY to prompt for error message
//
@@ -355,7 +355,7 @@ LoadNameValueNames (
@retval EFI_SUCCESS The Results is filled with the requested values.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
@retval EFI_INVALID_PARAMETER Request is NULL, illegal syntax, or unknown name.
@retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this
driver.