[PATCH 1/1] efi_loader: sanitize efi_tcg2_final_events_table definition

The length of the variable name typically is not 1. Neither the length of the variable name nor the size of the appended data is known in the include.

* Define the size of element variable_name as variable.
* Remove the unusable element variable_data.

Addresses-Coverity-ID: 467400 Out-of-bounds read
Signed-off-by: Heinrich Schuchardt heinrich.schuchardt@canonical.com
---
 include/efi_tcg2.h | 8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h index b21c5cb3dd6..a75b5a35b6e 100644 --- a/include/efi_tcg2.h +++ b/include/efi_tcg2.h @@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table { * the variable. * @variable_data_length: The size of the variable data. * @unicode_name: The CHAR16 unicode name of the variable - * without NULL-terminator. - * @variable_data: The data parameter of the efi variable - * in the GetVariable() API. + * without NULL-terminator followed by data. */ struct efi_tcg2_uefi_variable_data { efi_guid_t variable_name; u64 unicode_name_length; u64 variable_data_length; - u16 unicode_name[1]; - u8 variable_data[1]; + u16 unicode_name[]; + // u8 variable_data[]; };
/**
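
Review bot: the commented-out `// u8 variable_data[];` left at the end of struct efi_tcg2_uefi_variable_data is dead code in a C++-style comment inside a header that otherwise uses kernel-doc block comments. The updated @unicode_name description already says the name is "followed by data", and the commit message says the element is removed, so drop the line entirely. Separately, turning `u16 unicode_name[1]` into a flexible array member changes what sizeof() returns for this struct, and the diffstat shows only include/efi_tcg2.h is touched, so it is worth confirming that no caller sizes or offsets an event from sizeof() with the old one-element arrays in mind. The commit message also names variable_name as the element made variable, while the hunk changes unicode_name.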

On Thu, 11 Apr 2024 at 00:50, Heinrich Schuchardt heinrich.schuchardt@canonical.com wrote:
The length of the variable name typically is not 1. Neither the length of the variable name nor the size of the appended data is known in the include.
- Define the size of element variable_name as variable.
- Remove the unusable element variable_data.
Addresses-Coverity-ID: 467400 Out-of-bounds read
Signed-off-by: Heinrich Schuchardt heinrich.schuchardt@canonical.com

include/efi_tcg2.h | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h index b21c5cb3dd6..a75b5a35b6e 100644 --- a/include/efi_tcg2.h +++ b/include/efi_tcg2.h @@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table {
the variable.
- @variable_data_length: The size of the variable data.
- @unicode_name: The CHAR16 unicode name of the variable
without NULL-terminator.
- @variable_data: The data parameter of the efi variable
in the GetVariable() API.
*/
without NULL-terminator followed by data.
struct efi_tcg2_uefi_variable_data { efi_guid_t variable_name; u64 unicode_name_length; u64 variable_data_length;
u16 unicode_name[1];
u8 variable_data[1];
u16 unicode_name[];
// u8 variable_data[];
};
/**
2.43.0
Reviewed-by: Ilias Apalodimas ilias.apalodimas@linaro.org
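
The commit message points out that neither the name length nor the data size is known in the header, so a consumer of the struct has to compute where the data starts and check it against the buffer it was handed. The following is an added example, not U-Boot code and not part of the patch: the struct is a stand-in built from `<stdint.h>` types, `uvd_get_data()` and `uvd_demo()` are hypothetical names, and the sample event is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Stand-in for the patched struct with <stdint.h> types (assumption:
 * 16-byte GUID; U-Boot's header uses efi_guid_t, u64 and u16). */
struct uefi_variable_data {
	uint8_t  variable_name[16];
	uint64_t unicode_name_length;   /* in CHAR16 units */
	uint64_t variable_data_length;  /* in bytes */
	uint16_t unicode_name[];        /* name, then the data bytes */
};

/* Hypothetical helper: find the data that follows the name. Returns 0 on
 * success, -1 if the header's lengths exceed the buf_len bytes available. */
int uvd_get_data(const void *buf, size_t buf_len,
		 const uint8_t **data, uint64_t *data_len)
{
	struct uefi_variable_data hdr;
	const size_t hdr_len = offsetof(struct uefi_variable_data, unicode_name);
	uint64_t remaining;
	if (!buf || buf_len < hdr_len)
		return -1;
	memcpy(&hdr, buf, hdr_len);     /* buf may be unaligned */
	remaining = buf_len - hdr_len;
	/* 2 * unicode_name_length must fit; divide to avoid overflow */
	if (hdr.unicode_name_length > remaining / sizeof(uint16_t))
		return -1;
	remaining -= hdr.unicode_name_length * sizeof(uint16_t);
	if (hdr.variable_data_length > remaining)
		return -1;
	*data = (const uint8_t *)buf + (buf_len - remaining); /* hdr + name */
	*data_len = hdr.variable_data_length;
	return 0;
}

/* Constructed sample: 2-CHAR16 name, 3 data bytes, header claiming
 * `claimed` data bytes. Returns data[0] if accepted, -1 if rejected. */
int uvd_demo(uint64_t claimed)
{
	uint8_t buf[sizeof(struct uefi_variable_data) + 2 * 2 + 3] = {0};
	struct uefi_variable_data hdr = { .unicode_name_length = 2,
					  .variable_data_length = claimed };
	const uint8_t *data;
	uint64_t len;
	memcpy(buf, &hdr, sizeof(hdr));
	buf[sizeof(hdr) + 2 * 2] = 0xAA;        /* first data byte */
	return uvd_get_data(buf, sizeof(buf), &data, &len) ? -1 : data[0];
}
```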