diff options
| author | lgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-05-10 02:17:31 +0000 |
|---|---|---|
| committer | lgao4 <lgao4@6f19259b-4bc3-4df7-8a09-765794883524> | 2010-05-10 02:17:31 +0000 |
| commit | e35eb8af7b27e0c035f668787d366d05c608ac81 (patch) | |
| tree | 8502044fef260195a9f2cc479860c39aeae57911 | |
| parent | 61f0f4375b35dd9b3ab6f1e1803385b57a22c7fb (diff) | |
| download | edk2-e35eb8af7b27e0c035f668787d366d05c608ac81.tar.gz edk2-e35eb8af7b27e0c035f668787d366d05c608ac81.tar.bz2 edk2-e35eb8af7b27e0c035f668787d366d05c608ac81.zip | |
1. Use the max string size to compare password string.
2. Check whether the local variable is valid as the array index.
git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@10473 6f19259b-4bc3-4df7-8a09-765794883524
3 files changed, 8 insertions, 4 deletions
diff --git a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c index 14ac72fe1d..ff9e4b2179 100644 --- a/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c +++ b/MdeModulePkg/Universal/DriverSampleDxe/DriverSample.c @@ -187,7 +187,7 @@ ValidatePassword ( ASSERT (EncodedPassword != NULL);
StrnCpy (EncodedPassword, Password, StrLen (Password));
EncodePassword (EncodedPassword, StrLen (EncodedPassword) * sizeof (CHAR16));
- if (CompareMem (EncodedPassword, PrivateData->Configuration.WhatIsThePassword2, StrLen (EncodedPassword) * sizeof (CHAR16)) != 0) {
+ if (CompareMem (EncodedPassword, PrivateData->Configuration.WhatIsThePassword2, PasswordMaxSize) != 0) {
//
// Old password mismatch, return EFI_NOT_READY to prompt for error message
//
@@ -355,7 +355,7 @@ LoadNameValueNames ( @retval EFI_SUCCESS The Results is filled with the requested values.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is NULL, illegal syntax, or unknown name.
+ @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this
driver.
diff --git a/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideDxe.c b/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideDxe.c index 4f68d98e6b..38812f92f2 100644 --- a/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideDxe.c +++ b/MdeModulePkg/Universal/PlatformDriOverrideDxe/PlatDriOverrideDxe.c @@ -661,7 +661,7 @@ UpdateBindingDriverSelectPage ( // Switch the item callback key value to its NO. in mDevicePathHandleBuffer
//
mSelectedCtrIndex = KeyValue - KEY_VALUE_DEVICE_OFFSET;
- ASSERT (mSelectedCtrIndex < MAX_CHOICE_NUM);
+ ASSERT (mSelectedCtrIndex >= 0 && mSelectedCtrIndex < MAX_CHOICE_NUM);
mLastSavedDriverImageNum = 0;
@@ -1145,7 +1145,7 @@ CommintChanges ( @retval EFI_SUCCESS The Results is filled with the requested values.
@retval EFI_OUT_OF_RESOURCES Not enough memory to store the results.
- @retval EFI_INVALID_PARAMETER Request is NULL, illegal syntax, or unknown name.
+ @retval EFI_INVALID_PARAMETER Request is illegal syntax, or unknown name.
@retval EFI_NOT_FOUND Routing data doesn't match any storage in this driver.
**/
diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/InputHandler.c b/MdeModulePkg/Universal/SetupBrowserDxe/InputHandler.c index 2541743f4f..2905006856 100644 --- a/MdeModulePkg/Universal/SetupBrowserDxe/InputHandler.c +++ b/MdeModulePkg/Universal/SetupBrowserDxe/InputHandler.c @@ -464,16 +464,20 @@ TheKey2: }
if (MenuOption->Sequence == 0) {
+ ASSERT (EraseLen >= 2);
FormattedNumber[EraseLen - 2] = DATE_SEPARATOR;
} else if (MenuOption->Sequence == 1) {
+ ASSERT (EraseLen >= 1);
FormattedNumber[EraseLen - 1] = DATE_SEPARATOR;
}
} else if (Question->Operand == EFI_IFR_TIME_OP) {
UnicodeSPrint (FormattedNumber, 21 * sizeof (CHAR16), L"%02d", (UINT8) EditValue);
if (MenuOption->Sequence == 0) {
+ ASSERT (EraseLen >= 2);
FormattedNumber[EraseLen - 2] = TIME_SEPARATOR;
} else if (MenuOption->Sequence == 1) {
+ ASSERT (EraseLen >= 1);
FormattedNumber[EraseLen - 1] = TIME_SEPARATOR;
}
} else {
|