Message ID | 1425532718-2604-1-git-send-email-ivan.hu@canonical.com |
---|---|
State | Accepted |
On 03/05/2015 01:18 PM, Ivan Hu wrote: > CoverityScan detected a potential buffer overflow, it is because that mismatch > of set and get authenticated variable, this should directly set as ERROR and > return. And no need to compare the further data contents. > > Signed-off-by: Ivan Hu <ivan.hu@canonical.com> > --- > src/uefi/uefirtauthvar/uefirtauthvar.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c > index 22c954b..3f696ec 100644 > --- a/src/uefi/uefirtauthvar/uefirtauthvar.c > +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c > @@ -415,6 +415,7 @@ static int uefirtauthvar_test5(fwts_framework *fw) > "UEFIUpdateAuthVar", > "Get authenticated variable data size is not the " > "same as it set."); > + return FWTS_ERROR; > } > > for (i = 0; i < getdatasize; i++) { > Acked-by: Alex Hung <alex.hung@canonical.com>
On 05/03/15 05:18, Ivan Hu wrote: > CoverityScan detected a potential buffer overflow, it is because that mismatch > of set and get authenticated variable, this should directly set as ERROR and > return. And no need to compare the further data contents. > > Signed-off-by: Ivan Hu <ivan.hu@canonical.com> > --- > src/uefi/uefirtauthvar/uefirtauthvar.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c > index 22c954b..3f696ec 100644 > --- a/src/uefi/uefirtauthvar/uefirtauthvar.c > +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c > @@ -415,6 +415,7 @@ static int uefirtauthvar_test5(fwts_framework *fw) > "UEFIUpdateAuthVar", > "Get authenticated variable data size is not the " > "same as it set."); > + return FWTS_ERROR; > } > > for (i = 0; i < getdatasize; i++) { > Thanks Ivan Acked-by: Colin Ian King <colin.king@canonical.com>
diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c index 22c954b..3f696ec 100644 --- a/src/uefi/uefirtauthvar/uefirtauthvar.c +++ b/src/uefi/uefirtauthvar/uefirtauthvar.c @@ -415,6 +415,7 @@ static int uefirtauthvar_test5(fwts_framework *fw) "UEFIUpdateAuthVar", "Get authenticated variable data size is not the " "same as it set."); + return FWTS_ERROR; } for (i = 0; i < getdatasize; i++) {
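Review bot: The `return FWTS_ERROR;` added at the end of the size-mismatch branch leaves uefirtauthvar_test5 before the `for (i = 0; i < getdatasize; i++)` loop and before everything that follows it, and the hunk does not show the rest of the function. Please confirm that nothing after the loop still needs to run on this failure path, such as removing the test variable or releasing resources. If there is such a step, the early return should go through it first. The commit message would also be easier to audit if it said which access Coverity flagged. From the visible lines this is presumably the compare loop, which is bounded by getdatasize and was previously reached even after the size check had failed.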
CoverityScan detected a potential buffer overflow, it is because that mismatch of set and get authenticated variable, this should directly set as ERROR and return. And no need to compare the further data contents.

Signed-off-by: Ivan Hu <ivan.hu@canonical.com>

---

src/uefi/uefirtauthvar/uefirtauthvar.c | 1 +

1 file changed, 1 insertion(+)