[PATCH] uefirtauthvar: missing return error when mismatch size of set/get test data

Thu Mar 5 05:18:38 UTC 2015

CoverityScan detected a potential buffer overflow, it is because that mismatch
of set and get authenticated variable, this should directly set as ERROR and
return. And no need to compare the further data contents.

Signed-off-by: Ivan Hu <ivan.hu at canonical.com>
---
 src/uefi/uefirtauthvar/uefirtauthvar.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/uefi/uefirtauthvar/uefirtauthvar.c b/src/uefi/uefirtauthvar/uefirtauthvar.c
index 22c954b..3f696ec 100644
--- a/src/uefi/uefirtauthvar/uefirtauthvar.c
+++ b/src/uefi/uefirtauthvar/uefirtauthvar.c
@@ -415,6 +415,7 @@ static int uefirtauthvar_test5(fwts_framework *fw)
 			"UEFIUpdateAuthVar",
 			"Get authenticated variable data size is not the "
 			"same as it set.");
+		return FWTS_ERROR;
 	}
 
 	for (i = 0; i < getdatasize; i++) {
-- 
1.9.1


