Skip to content

Conversation

lsandov1
Copy link
Contributor

Detected by our SAST engine

"Error: INTEGER_OVERFLOW (CWE-190):
efivar-39/src/dp.c:196: tainted_data_return: Called function ""efidp_size(le)"", and a possible return value is known to be less than zero.
efivar-39/src/dp.c:196: assign: Assigning: ""lesz"" = ""efidp_size(le)"".
efivar-39/src/dp.c:197: overflow: The expression ""lsz"" is considered to have possibly overflowed.
efivar-39/src/dp.c:232: overflow_sink: ""lsz"", which might have overflowed, is passed to ""memcpy(new, dp, lsz)"". [Note: The source code implementation of the function has been overridden by a builtin model.]

Detected by our SAST engine

"Error: INTEGER_OVERFLOW (CWE-190):
efivar-39/src/dp.c:196: tainted_data_return: Called function ""efidp_size(le)"", and a possible return value is known to be less than zero.
efivar-39/src/dp.c:196: assign: Assigning: ""lesz"" = ""efidp_size(le)"".
efivar-39/src/dp.c:197: overflow: The expression ""lsz"" is considered to have possibly overflowed.
efivar-39/src/dp.c:232: overflow_sink: ""lsz"", which might have overflowed, is passed to ""memcpy(new, dp, lsz)"". [Note: The source code implementation of the function has been overridden by a builtin model.]

Signed-off-by: Leo Sandoval <[email protected]>
@vathpela vathpela merged commit 839b146 into rhboot:main Jun 18, 2025
5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants