Fix for crash for max PCRs available

2019-08-01 10:13:27 +01:00 · 2019-08-01 10:13:27 +01:00 · 9880cbc871
commit 9880cbc871
parent c2f7c4726f
2 changed files with 38 additions and 1 deletions
--- a/tpm2-tools-limit-selected-pcrs-to-8.patch
+++ b/tpm2-tools-limit-selected-pcrs-to-8.patch
@ -0,0 +1,32 @@
+From 4050d845fdd3819708329a8b4f52eb2de485fbf4 Mon Sep 17 00:00:00 2001
+From: William Roberts <william.c.roberts@intel.com>
+Date: Tue, 30 Jan 2018 10:12:14 -0800
+Subject: [PATCH] Limit selected PCRs to 8
+
+When a PCR selection has more than 8 selections, the pcrSelections
+array was being indexed past its end.
+
+Fixes: #778
+
+Signed-off-by: William Roberts <william.c.roberts@intel.com>
+---
+ lib/tpm2_policy.c | 5 +++++
+ 1 file changed, 5 insertions(+)
+
+diff --git a/lib/tpm2_policy.c b/lib/tpm2_policy.c
+index b1fc8182c..aff0a1724 100644
+--- a/lib/tpm2_policy.c
+++ b/lib/tpm2_policy.c
+@@ -58,6 +58,11 @@ static bool evaluate_populate_pcr_digests(TPML_PCR_SELECTION *pcr_selections,
+             total_indices_for_this_alg += tpm2_util_pop_count(group_val);
+         }
+ 
+        if(pcr_values->count + total_indices_for_this_alg > ARRAY_LEN(pcr_values->digests)) {
+            LOG_ERR("Number of PCR is limited to %zu", ARRAY_LEN(pcr_values->digests));
+            return false;
+        }
+
+         //digest size returned per the hashAlg type
+         unsigned dgst_size = tpm2_alg_util_get_hash_size(pcr_selections->pcrSelections[i].hash);
+         if (!dgst_size) {
+
--- a/tpm2-tools.spec
+++ b/tpm2-tools.spec
@ -1,11 +1,13 @@
 Name: tpm2-tools
 Version: 3.2.0
-Release: 2%{?dist}
+Release: 3%{?dist}
 Summary: A TPM2.0 testing tool build upon TPM2.0-TSS

 License: BSD
 URL:     https://github.com/tpm2-software/tpm2-tools
 Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz
+# https://github.com/tpm2-software/tpm2-tools/issues/1632
+Patch0:  tpm2-tools-limit-selected-pcrs-to-8.patch

 BuildRequires: gcc-c++
 BuildRequires: libtool
@ -45,6 +47,9 @@ tpm2-tools is a batch of testing tools for tpm2.0. It is based on tpm2-tss.
 %{_mandir}/man1/tpm2_*.1.gz

 %changelog
+* Thu Aug  1 2019 Peter Robinson <pbrobinson@fedoraproject.org> 3.2.0-3
+- Fix for crash for max PCRs available
+
 * Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-2
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild