[PATCH 1/1] efi_loader: sanitize efi_tcg2_final_events_table definition
Ilias Apalodimas
ilias.apalodimas at linaro.org
Thu Apr 11 10:36:27 CEST 2024
On Thu, 11 Apr 2024 at 00:50, Heinrich Schuchardt
<heinrich.schuchardt at canonical.com> wrote:
>
> The length of the variable name typically is not 1.
> Neither the length of the variable name nor the size of the appended
> data is known in the include.
>
> * Define the size of element variable_name as variable.
> * Remove the unusable element variable_data.
>
> Addresses-Coverity-ID: 467400 Out-of-bounds read
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> ---
> include/efi_tcg2.h | 8 +++-----
> 1 file changed, 3 insertions(+), 5 deletions(-)
>
> diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
> index b21c5cb3dd6..a75b5a35b6e 100644
> --- a/include/efi_tcg2.h
> +++ b/include/efi_tcg2.h
> @@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table {
> * the variable.
> * @variable_data_length: The size of the variable data.
> * @unicode_name: The CHAR16 unicode name of the variable
> - * without NULL-terminator.
> - * @variable_data: The data parameter of the efi variable
> - * in the GetVariable() API.
> + * without NULL-terminator followed by data.
> */
> struct efi_tcg2_uefi_variable_data {
> efi_guid_t variable_name;
> u64 unicode_name_length;
> u64 variable_data_length;
> - u16 unicode_name[1];
> - u8 variable_data[1];
> + u16 unicode_name[];
> + // u8 variable_data[];
> };
>
> /**
> --
> 2.43.0
>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>
More information about the U-Boot
mailing list