The length of the variable name typically is not 1. Neither the length of the variable name nor the size of the appended data is known in the include.
* Define the size of element variable_name as variable. * Remove the unusable element variable_data.
Addresses-Coverity-ID: 467400 Out-of-bounds read Signed-off-by: Heinrich Schuchardt heinrich.schuchardt@canonical.com --- include/efi_tcg2.h | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h index b21c5cb3dd6..a75b5a35b6e 100644 --- a/include/efi_tcg2.h +++ b/include/efi_tcg2.h @@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table { * the variable. * @variable_data_length: The size of the variable data. * @unicode_name: The CHAR16 unicode name of the variable - * without NULL-terminator. - * @variable_data: The data parameter of the efi variable - * in the GetVariable() API. + * without NULL-terminator followed by data. */ struct efi_tcg2_uefi_variable_data { efi_guid_t variable_name; u64 unicode_name_length; u64 variable_data_length; - u16 unicode_name[1]; - u8 variable_data[1]; + u16 unicode_name[]; + // u8 variable_data[]; };
/**