Eric Dong 87acb6e298 SecurityPkg OpalPasswordSupportLib: Add check to avoid potential buffer overflow.
Current code not check the CommunicationBuffer size before use it. Attacker can
read beyond the end of the (untrusted) commbuffer into controlled memory. Attacker
can get access outside of valid SMM memory regions. This patch add check before
use it.

bugz: https://bugzilla.tianocore.org/show_bug.cgi?id=198

Cc: Yao Jiewen <jiewen.yao@intel.com>
Cc: Wu Hao <hao.a.wu@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
Reviewed-by: Yao Jiewen <jiewen.yao@intel.com>
2018-08-01 19:11:00 +08:00
2016-10-26 09:34:34 -07:00
2014-10-14 16:08:15 +00:00
2017-03-10 10:44:13 +08:00
Description
313 MiB
Languages
C 82.2%
Python 10.3%
Assembly 3.4%
Rich Text Format 1.8%
C++ 0.7%
Other 1.2%