Fix for crash for max PCRs available

This commit is contained in:
Peter Robinson 2019-08-01 10:13:27 +01:00
parent c2f7c4726f
commit 9880cbc871
2 changed files with 38 additions and 1 deletions

View File

@ -0,0 +1,32 @@
From 4050d845fdd3819708329a8b4f52eb2de485fbf4 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Tue, 30 Jan 2018 10:12:14 -0800
Subject: [PATCH] Limit selected PCRs to 8
When a PCR selection has more than 8 selections, the pcrSelections
array was being indexed past its end.
Fixes: #778
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
lib/tpm2_policy.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/lib/tpm2_policy.c b/lib/tpm2_policy.c
index b1fc8182c..aff0a1724 100644
--- a/lib/tpm2_policy.c
+++ b/lib/tpm2_policy.c
@@ -58,6 +58,11 @@ static bool evaluate_populate_pcr_digests(TPML_PCR_SELECTION *pcr_selections,
total_indices_for_this_alg += tpm2_util_pop_count(group_val);
}
+ if(pcr_values->count + total_indices_for_this_alg > ARRAY_LEN(pcr_values->digests)) {
+ LOG_ERR("Number of PCR is limited to %zu", ARRAY_LEN(pcr_values->digests));
+ return false;
+ }
+
//digest size returned per the hashAlg type
unsigned dgst_size = tpm2_alg_util_get_hash_size(pcr_selections->pcrSelections[i].hash);
if (!dgst_size) {

View File

@ -1,11 +1,13 @@
Name: tpm2-tools Name: tpm2-tools
Version: 3.2.0 Version: 3.2.0
Release: 2%{?dist} Release: 3%{?dist}
Summary: A TPM2.0 testing tool build upon TPM2.0-TSS Summary: A TPM2.0 testing tool build upon TPM2.0-TSS
License: BSD License: BSD
URL: https://github.com/tpm2-software/tpm2-tools URL: https://github.com/tpm2-software/tpm2-tools
Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz
# https://github.com/tpm2-software/tpm2-tools/issues/1632
Patch0: tpm2-tools-limit-selected-pcrs-to-8.patch
BuildRequires: gcc-c++ BuildRequires: gcc-c++
BuildRequires: libtool BuildRequires: libtool
@ -45,6 +47,9 @@ tpm2-tools is a batch of testing tools for tpm2.0. It is based on tpm2-tss.
%{_mandir}/man1/tpm2_*.1.gz %{_mandir}/man1/tpm2_*.1.gz
%changelog %changelog
* Thu Aug 1 2019 Peter Robinson <pbrobinson@fedoraproject.org> 3.2.0-3
- Fix for crash for max PCRs available
* Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-2 * Sat Jul 27 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild