SecurityPkg OpalPasswordDxe: Clean password buffer.
Cc: Feng Tian <feng.tian@intel.com>
Reviewed-by: Jiewen Yao <jiewen.yao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Eric Dong <eric.dong@intel.com>
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c
index c9b1f8e..1c26a5e 100644
--- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c
+++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalDriver.c
@@ -240,6 +240,7 @@
}
UnicodeStrToAsciiStrS (Unicode, Ascii, MAX_PASSWORD_SIZE + 1);
+ ZeroMem (Unicode, sizeof (Unicode));
return Ascii;
}
diff --git a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
index 5e3106a..5937ce2 100644
--- a/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
+++ b/SecurityPkg/Tcg/Opal/OpalPasswordDxe/OpalHii.c
@@ -694,6 +694,8 @@
Ret = OpalSupportPsidRevert(&Session, Psid.Psid, (UINT32)sizeof(Psid.Psid), OpalDisk->OpalDevicePath);
}
+ ZeroMem (Psid.Psid, PSID_CHARACTER_LENGTH);
+
if (Ret == TcgResultSuccess) {
AsciiSPrint( Response, DEFAULT_RESPONSE_SIZE, "%a", "PSID Revert: Success" );
} else {
@@ -1099,8 +1101,8 @@
EFI_STRING_ID Str
)
{
- OPAL_DISK* OpalDisk;
- CHAR8 Password[MAX_PASSWORD_CHARACTER_LENGTH + 1];
+ OPAL_DISK* OpalDisk;
+ CHAR8 Password[MAX_PASSWORD_CHARACTER_LENGTH + 1];
CHAR16* UniStr;
UINT32 PassLength;
EFI_STATUS Status;
@@ -1124,15 +1126,20 @@
if (UniStr == NULL) {
return EFI_NOT_FOUND;
}
+
+ HiiSetString(gHiiPackageListHandle, Str, L"", NULL);
+
PassLength = (UINT32) StrLen (UniStr);
if (PassLength >= sizeof(Password)) {
HiiSetFormString(STRING_TOKEN(STR_ACTION_STATUS), "Password too long");
- gBS->FreePool(UniStr);
+ ZeroMem (UniStr, StrSize (UniStr));
+ FreePool(UniStr);
return EFI_BUFFER_TOO_SMALL;
}
UnicodeStrToAsciiStrS (UniStr, Password, sizeof (Password));
- gBS->FreePool(UniStr);
+ ZeroMem (UniStr, StrSize (UniStr));
+ FreePool(UniStr);
if (gHiiConfiguration.SelectedAction == HII_KEY_ID_GOTO_UNLOCK) {
Status = HiiUnlock (OpalDisk, Password, PassLength);
@@ -1154,6 +1161,8 @@
Status = HiiSetPassword(OpalDisk, Password, PassLength);
}
+ ZeroMem (Password, sizeof (Password));
+
OpalHiiSetBrowserData ();
return Status;
