The length of the variable name typically is not 1.
Neither the length of the variable name nor the size of the appended
data is known in the include.
* Define the size of element variable_name as variable.
* Remove the unusable element variable_data.
Addresses-Coverity-ID: 467400 Out-of-bounds read
Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com>
---
include/efi_tcg2.h | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/include/efi_tcg2.h b/include/efi_tcg2.h
index b21c5cb3dd6..a75b5a35b6e 100644
--- a/include/efi_tcg2.h
+++ b/include/efi_tcg2.h
@@ -150,16 +150,14 @@ struct efi_tcg2_final_events_table {
* the variable.
* @variable_data_length: The size of the variable data.
* @unicode_name: The CHAR16 unicode name of the variable
- * without NULL-terminator.
- * @variable_data: The data parameter of the efi variable
- * in the GetVariable() API.
+ * without NULL-terminator followed by data.
*/
struct efi_tcg2_uefi_variable_data {
efi_guid_t variable_name;
u64 unicode_name_length;
u64 variable_data_length;
- u16 unicode_name[1];
- u8 variable_data[1];
+ u16 unicode_name[];
+ // u8 variable_data[];
};
/**
--
2.43.0
