Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SmmPasswordHandler Failure to ailure to clear Password Data SMM_PASSWORD_FUNCTION_VERIFY_PASSWORD (Bugzilla Bug 4647) #703

Open
tianocore-issues opened this issue Jan 17, 2024 · 2 comments

Comments

@tianocore-issues
Copy link

This issue was created automatically with bugzilla2github

Bugzilla Bug 4647

Date: 2024-01-17T01:55:51+00:00
From: tabassum.yasmin
To: unassigned <>
CC: @lgao4

Last updated: 2024-01-30T21:47:11+00:00

@tianocore-issues
Copy link
Author

Comment 22376

Date: 2024-01-17 01:55:51 +0000
From: tabassum.yasmin

  • Industry Specification: ---
  • Release Observed: edk2-stable202305
  • Releases to Fix: edk2-stable202305
  • Target OS: ---
  • Bugzilla Assignee(s): unassigned <>

In the case SMM_PASSWORD_FUNCTION_VERIFY_PASSWORD, the password is copied into a local variable
SmmCommunicateVerifyPassword. Whether the password meets the checks and reaches the end of the case
or hits a goto EXIT statement, SmmCommunicateVerifyPassword is not zeroed.

Code snippet below

case SMM_PASSWORD_FUNCTION_VERIFY_PASSWORD:

CopyMem (&SmmCommunicateVerifyPassword, SmmFunctionHeader + 1, sizeof(SmmCommunicateVerifyPassword));

if (!IsPasswordVerified (UserGuid, SmmCommunicateVerifyPassword.Password, PasswordLen + 1)) {
DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: PasswordVerify - FAIL\n"));
if (*PasswordTryCount >= PASSWORD_MAX_TRY_COUNT) {
DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: VERIFY_PASSWORD try count reach!\n"));
Status = EFI_ACCESS_DENIED;
} else {
Status = EFI_SECURITY_VIOLATION;
}
goto EXIT;
}
mPasswordVerified = TRUE;
Status = EFI_SUCCESS;
break;

@tianocore-issues
Copy link
Author

Comment 22461

Date: 2024-01-30 21:47:11 +0000
From: @lgao4

[email protected]: please work on it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

No branches or pull requests

1 participant