From ba944801a988dddf3ed217c72c8d880d0f03d150 Mon Sep 17 00:00:00 2001
From: ydong10 <ydong10@6f19259b-4bc3-4df7-8a09-765794883524>
Date: Fri, 26 Aug 2011 01:54:49 +0000
Subject: Fixed memory leak and buffer overrun for string op-code.

Signed-off-by:ydong10
Reviewed-by:lgao4



git-svn-id: https://edk2.svn.sourceforge.net/svnroot/edk2/trunk/edk2@12213 6f19259b-4bc3-4df7-8a09-765794883524
---
 MdeModulePkg/Universal/SetupBrowserDxe/Setup.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

(limited to 'MdeModulePkg')

diff --git a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
index 65ce5bddce..0b526d0a02 100644
--- a/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
+++ b/MdeModulePkg/Universal/SetupBrowserDxe/Setup.c
@@ -2596,7 +2596,11 @@ GetQuestionDefault (
           if (StrValue == NULL) {
             return EFI_NOT_FOUND;
           }
-          Question->BufferValue = AllocateCopyPool (StrSize (StrValue), StrValue);
+          if (Question->StorageWidth > StrSize (StrValue)) {
+            CopyMem (Question->BufferValue, StrValue, StrSize (StrValue));
+          } else {
+            CopyMem (Question->BufferValue, StrValue, Question->StorageWidth);
+          }
         }
 
         return EFI_SUCCESS;
-- 
cgit v1.2.3