From 1921b89c48680ec0a180adeaab26a23c3e5a3f72 Mon Sep 17 00:00:00 2001 From: Mounir IDRASSI Date: Thu, 28 Nov 2019 18:36:36 +0100 Subject: Fix F5 showing previous password after failed authentication attempt. Ensure that even wrong password value are cleared from memory. --- Library/PasswordLib/ConsolePassword.c | 26 +++++++++++++++----------- Library/VeraCryptLib/DcsVeraCrypt.c | 2 ++ 2 files changed, 17 insertions(+), 11 deletions(-) (limited to 'Library') diff --git a/Library/PasswordLib/ConsolePassword.c b/Library/PasswordLib/ConsolePassword.c index 0b2d3c6..8588a19 100644 --- a/Library/PasswordLib/ConsolePassword.c +++ b/Library/PasswordLib/ConsolePassword.c @@ -29,6 +29,8 @@ AskConsolePwdInt( EFI_INPUT_KEY key; UINT32 count = 0; UINTN i; + + if ((asciiLine != NULL) && (line_max >= 1)) asciiLine[0] = '\0'; gST->ConOut->EnableCursor(gST->ConOut, TRUE); if (gPasswordTimeout) { @@ -63,19 +65,21 @@ AskConsolePwdInt( if (key.ScanCode == SCAN_F5) { show = show ? 0 : 1; - if (show) { - for (i = 0; i < count; i++) { - OUT_PRINT(L"\b"); - } - OUT_PRINT(L"%a", asciiLine); - } - else { - for (i = 0; i < count; i++) { - OUT_PRINT(L"\b"); + if (count > 0) { + if (show) { + for (i = 0; i < count; i++) { + OUT_PRINT(L"\b"); + } + OUT_PRINT(L"%a", asciiLine); } - if (gPasswordProgress) { + else { for (i = 0; i < count; i++) { - OUT_PRINT(L"*"); + OUT_PRINT(L"\b"); + } + if (gPasswordProgress) { + for (i = 0; i < count; i++) { + OUT_PRINT(L"*"); + } } } } diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c index c3e8a39..b99ed0b 100644 --- a/Library/VeraCryptLib/DcsVeraCrypt.c +++ b/Library/VeraCryptLib/DcsVeraCrypt.c @@ -400,9 +400,11 @@ VCAskPwd( VOID VCAuthAsk() { + MEM_BURN(&gAuthPassword, sizeof(gAuthPassword)); VCAskPwd(AskPwdLogin, &gAuthPassword); if ((gAuthPwdCode == AskPwdRetCancel) || (gAuthPwdCode == AskPwdRetTimeout)) { + MEM_BURN(&gAuthPassword, sizeof(gAuthPassword)); return; } -- cgit v1.2.3