From 19483d20975148940ad26c0145acb5940b03afc3 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Wed, 14 Oct 2015 23:07:33 +0200
Subject: Windows Bootloader: Protect password/PIM length by filling the fields
 to their maximum length with '*' after ENTER is hit

---
 src/Boot/Windows/BootMain.cpp | 24 +++++++++++++++++++++---
 1 file changed, 21 insertions(+), 3 deletions(-)

(limited to 'src/Boot/Windows/BootMain.cpp')

diff --git a/src/Boot/Windows/BootMain.cpp b/src/Boot/Windows/BootMain.cpp
index 7101139d..f66fd36b 100644
--- a/src/Boot/Windows/BootMain.cpp
+++ b/src/Boot/Windows/BootMain.cpp
@@ -168,10 +168,19 @@ static byte AskPassword (Password &password, int& pim)
 		switch (scanCode)
 		{
 		case TC_BIOS_KEY_ENTER:
+			password.Length = pos;
+			if (hidePassword)
+			{
+				while (pos < MAX_PASSWORD)
+				{
+					PrintChar ('*');
+					pos++;
+				}
+			}
+
 			ClearBiosKeystrokeBuffer();
 			PrintEndl();
-
-			password.Length = pos;
+			
 			break;
 
 		case TC_BIOS_KEY_BACKSPACE:
@@ -228,9 +237,18 @@ static byte AskPassword (Password &password, int& pim)
 		switch (scanCode)
 		{
 		case TC_BIOS_KEY_ENTER:
+			if (hidePassword)
+			{
+				while (pos < MAX_PIM)
+				{
+					PrintChar ('*');
+					pos++;
+				}
+			}
+
 			ClearBiosKeystrokeBuffer();
 			PrintEndl();
-
+			
 			return TC_BIOS_KEY_ENTER;
 
 		case TC_BIOS_KEY_BACKSPACE:
-- 
cgit v1.2.3