| Message ID | 20240410225043.40100-1-heinrich.schuchardt@canonical.com |
|---|---|
| State | Accepted, archived |
| Commit | 5884481e2a2613ae5f3b9c1dab0671acd88ca961 |
| Delegated to: | Heinrich Schuchardt |
| Headers | show |
| Series | [1/1] efi_loader: sanitize efi_tcg2_final_events_table definition | expand |
On Thu, 11 Apr 2024 at 00:50, Heinrich Schuchardt <heinrich.schuchardt@canonical.com> wrote: > > The length of the variable name typically is not 1. > Neither the length of the variable name nor the size of the appended > data is known in the include. > > * Define the size of element variable_name as variable. > * Remove the unusable element variable_data. > > Addresses-Coverity-ID: 467400 Out-of-bounds read > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> > --- > include/efi_tcg2.h | 8 +++----- > 1 file changed, 3 insertions(+), 5 deletions(-) > > diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h > index b21c5cb3dd6..a75b5a35b6e 100644 > --- a/include/efi_tcg2.h > +++ b/include/efi_tcg2.h > @@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table { > * the variable. > * @variable_data_length: The size of the variable data. > * @unicode_name: The CHAR16 unicode name of the variable > - * without NULL-terminator. > - * @variable_data: The data parameter of the efi variable > - * in the GetVariable() API. > + * without NULL-terminator followed by data. > */ > struct efi_tcg2_uefi_variable_data { > efi_guid_t variable_name; > u64 unicode_name_length; > u64 variable_data_length; > - u16 unicode_name[1]; > - u8 variable_data[1]; > + u16 unicode_name[]; > + // u8 variable_data[]; > }; > > /** > -- > 2.43.0 > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h index b21c5cb3dd6..a75b5a35b6e 100644 --- a/include/efi_tcg2.h +++ b/include/efi_tcg2.h @@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table { * the variable. * @variable_data_length: The size of the variable data. * @unicode_name: The CHAR16 unicode name of the variable - * without NULL-terminator. - * @variable_data: The data parameter of the efi variable - * in the GetVariable() API. + * without NULL-terminator followed by data. */ struct efi_tcg2_uefi_variable_data { efi_guid_t variable_name; u64 unicode_name_length; u64 variable_data_length; - u16 unicode_name[1]; - u8 variable_data[1]; + u16 unicode_name[]; + // u8 variable_data[]; }; /**
The length of the variable name typically is not 1. Neither the length of the variable name nor the size of the appended data is known in the include. * Define the size of element variable_name as variable. * Remove the unusable element variable_data. Addresses-Coverity-ID: 467400 Out-of-bounds read Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> --- include/efi_tcg2.h | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-)