From bf342907c8ca9fd00253545af25c5bdd5eeef74e Mon Sep 17 00:00:00 2001
From: Dandan Bi <dandan.bi@intel.com>
Date: Mon, 20 Feb 2017 10:20:08 +0800
Subject: MdeModulePkg/HiiDatabase: clean the value before setting default
 string

For string op-code, the default string may not reach the
maximum size, so when generating <AltResp> string, we should
clean the value before setting the default string.

https://bugzilla.tianocore.org/show_bug.cgi?id=375

Cc: Eric Dong <eric.dong@intel.com>
Cc: Liming Gao <liming.gao@intel.com>
Contributed-under: TianoCore Contribution Agreement 1.0
Signed-off-by: Dandan Bi <dandan.bi@intel.com>
Reviewed-by: Eric Dong <eric.dong@intel.com>
---
 MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)

(limited to 'MdeModulePkg')

diff --git a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
index d547f42f3a..ccf4b5a967 100644
--- a/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
+++ b/MdeModulePkg/Universal/HiiDatabaseDxe/ConfigRouting.c
@@ -1,7 +1,7 @@
 /** @file
 Implementation of interfaces function for EFI_HII_CONFIG_ROUTING_PROTOCOL.
 
-Copyright (c) 2007 - 2016, Intel Corporation. All rights reserved.<BR>
+Copyright (c) 2007 - 2017, Intel Corporation. All rights reserved.<BR>
 This program and the accompanying materials
 are licensed and made available under the terms and conditions of the BSD License
 which accompanies this distribution.  The full text of the license may be found at
@@ -3581,6 +3581,7 @@ GenerateAltConfigResp (
   UINTN                 Width;
   UINT8                 *TmpBuffer;
   CHAR16                *DefaultString;
+  UINTN                 StrSize;
 
   BlockData     = NULL;
   DataExist     = FALSE;
@@ -3698,7 +3699,15 @@ GenerateAltConfigResp (
         //
         if (BlockData->OpCode == EFI_IFR_STRING_OP){
           DefaultString   = InternalGetString(HiiHandle, DefaultValueData->Value.string);
-          TmpBuffer = (UINT8 *) DefaultString;
+          TmpBuffer = AllocateZeroPool (Width);
+          ASSERT (TmpBuffer != NULL);
+          if (DefaultString != NULL) {
+            StrSize = StrLen(DefaultString)* sizeof (CHAR16);
+            if (StrSize > Width) {
+              StrSize = Width;
+            }
+            CopyMem (TmpBuffer, (UINT8 *) DefaultString, StrSize);
+          }
         } else {
           TmpBuffer = (UINT8 *) &(DefaultValueData->Value);
         }
@@ -3709,6 +3718,10 @@ GenerateAltConfigResp (
           FreePool(DefaultString);
           DefaultString = NULL;
         }
+        if (BlockData->OpCode == EFI_IFR_STRING_OP && TmpBuffer != NULL) {
+          FreePool(TmpBuffer);
+          TmpBuffer  = NULL;
+        }
       }
     }
   }
-- 
cgit v1.2.3