[PATCH] securebootcert: remove the SignatureOwner on signature presence check
Ivan Hu
ivan.hu at canonical.com
Fri Sep 22 08:27:06 UTC 2017
SignatureOwner is a guid which assigned by the one who set it to UEFI database
variables. It won't be checked. Remove it to fix the build warnings,
uefi/securebootcert/securebootcert.c:294:3: warning: Value stored to
'SignatureOwner' is never read
SignatureOwner = *(EFI_GUID *)var_data_addr;
^ ~~~~~~~~~~~~~~~~~~~~~~~~~~
Signed-off-by: Ivan Hu <ivan.hu at canonical.com>
---
src/uefi/securebootcert/securebootcert.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
diff --git a/src/uefi/securebootcert/securebootcert.c b/src/uefi/securebootcert/securebootcert.c
index b58c4e7..a74c55d 100644
--- a/src/uefi/securebootcert/securebootcert.c
+++ b/src/uefi/securebootcert/securebootcert.c
@@ -270,7 +270,6 @@ static bool check_sigdb_presence(uint8_t *var_data, size_t datalen, uint8_t *key
return key_found;
for (var_data_addr = var_data; var_data_addr < var_data + datalen; ) {
- EFI_GUID SignatureOwner;
siglist = *((EFI_SIGNATURE_LIST *)var_data_addr);
/* check for potential overflow */
@@ -291,14 +290,13 @@ static bool check_sigdb_presence(uint8_t *var_data, size_t datalen, uint8_t *key
}
var_data_addr += sizeof(siglist) + siglist.SignatureHeaderSize;
- SignatureOwner = *(EFI_GUID *)var_data_addr;
- if (key_len != (siglist.SignatureSize - sizeof(SignatureOwner))) {
+ if (key_len != (siglist.SignatureSize - sizeof(EFI_GUID))) {
var_data_addr += siglist.SignatureSize;
continue;
}
- var_data_addr += sizeof(SignatureOwner);
+ var_data_addr += sizeof(EFI_GUID);
for (i = 0; i < key_len; i++) {
if (*((uint8_t *)var_data_addr+i) != key[i])
--
2.7.4
More information about the fwts-devel
mailing list