You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the case SMM_PASSWORD_FUNCTION_VERIFY_PASSWORD, the password is copied into a local variable
SmmCommunicateVerifyPassword. Whether the password meets the checks and reaches the end of the case
or hits a goto EXIT statement, SmmCommunicateVerifyPassword is not zeroed.
Code snippet below
case SMM_PASSWORD_FUNCTION_VERIFY_PASSWORD:
…
CopyMem (&SmmCommunicateVerifyPassword, SmmFunctionHeader + 1, sizeof(SmmCommunicateVerifyPassword));
…
if (!IsPasswordVerified (UserGuid, SmmCommunicateVerifyPassword.Password, PasswordLen + 1)) {
DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: PasswordVerify - FAIL\n"));
if (*PasswordTryCount >= PASSWORD_MAX_TRY_COUNT) {
DEBUG ((DEBUG_ERROR, "SmmPasswordHandler: VERIFY_PASSWORD try count reach!\n"));
Status = EFI_ACCESS_DENIED;
} else {
Status = EFI_SECURITY_VIOLATION;
}
goto EXIT;
}
mPasswordVerified = TRUE;
Status = EFI_SUCCESS;
break;
This issue was created automatically with bugzilla2github
Bugzilla Bug 4647
Date: 2024-01-17T01:55:51+00:00
From: tabassum.yasmin
To: unassigned <>
CC: @lgao4
Last updated: 2024-01-30T21:47:11+00:00
The text was updated successfully, but these errors were encountered: