94b2079a24
Resolves: CVE-2023-22745 Resolves: rhbz#2160307 Resolves: rhbz#2162613 Signed-off-by: Štěpán Horáček <shoracek@redhat.com>
From f5907e96363729e16475172ef1056532d9404482 Mon Sep 17 00:00:00 2001
From: William Roberts <william.c.roberts@intel.com>
Date: Fri, 3 Jun 2022 11:51:02 -0500
Subject: [PATCH 1/2] esys_iutil: fix possible NPD
Clang-10 scan-build reports:
src/tss2-esys/esys_iutil.c:1366:56: warning: Dereference of null pointer
auths->auths[auths->count].sessionHandle = session->rsrc.handle;
^~~~~~~~~~~~~~~~~~~~
1 warning generated.
The code above the report checks that session might be NULL:
RSRC_NODE_T *session = esys_context->session_tab[session_idx];
if (session != NULL) {
IESYS_SESSION *rsrc_session = &session->rsrc.misc.rsrc_session;
if (rsrc_session->type_policy_session == POLICY_PASSWORD) {
Thus suggesting/indicating session may be NULL in subsequent code where
session is dereferenced.
Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
src/tss2-esys/esys_iutil.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
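--- a/src/tss2-esys/esys_iutil.c
+++ b/src/tss2-esys/esys_iutil.c
@@ -1352,7 +1352,7 @@ iesys_gen_auths(ESYS_CONTEXT * esys_context,
 && encryptNonceIdx > 0) ? encryptNonce : NULL,
 &auths->auths[session_idx]);
 return_if_error(r, "Error while computing hmacs");
- if (esys_context->session_tab[session_idx] != NULL) {
+ if (esys_context->session_tab[session_idx] != NULL && session != NULL) {
 auths->auths[auths->count].sessionHandle = session->rsrc.handle;
 auths->count++;
 }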
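Review bot: The added `session != NULL` clause duplicates the existing test instead of replacing it: per the commit message `session` is assigned from `esys_context->session_tab[session_idx]`, so both operands compare the same pointer, and the guard reads more clearly as `if (session != NULL) {`. A short comment such as `/* session aliases session_tab[session_idx]; only non-NULL sessions add an auth entry */` would record why the check exists, so a later cleanup does not drop it and reintroduce the analyzer warning. Separately, the HMAC result is written to `auths->auths[session_idx]` while the handle goes to `auths->auths[auths->count]`; if those two indices can diverge when an earlier slot is skipped, the fields would land in different entries, which is worth confirming against the rest of iesys_gen_auths, whose body starts and ends outside this hunk.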
--
2.39.2