rpms / libtpms

Clone
Source Code
GIT

Blame SOURCES/0001-tpm2-Fix-size-check-in-CryptSecretDecrypt.patch

c8-beta-stream-rhel c8-stream-rhel c8s-stream-rhel c9 c9-beta
  1.   c9-beta
  2.   SOURCES
  3.   0001-tpm2-Fix-size-check-in-CryptSecretDecrypt.patch
Blob History Raw
1b023f 
From 3d2bbe2f1947784506ba0a7f9e8ab81eefb69929 Mon Sep 17 00:00:00 2001
1b023f 
From: Ross Lagerwall <ross.lagerwall@citrix.com>
1b023f 
Date: Mon, 23 May 2022 14:16:57 +0100
1b023f 
Subject: [PATCH] tpm2: Fix size check in CryptSecretDecrypt
1b023f
1b023f 
Check the secret size against the size of the buffer, not the size
1b023f 
member that has not been set yet.
1b023f
1b023f 
Reported by Coverity.
1b023f
1b023f 
Signed-off-by: Ross Lagerwall <ross.lagerwall@citrix.com>
1b023f 
---
1b023f 
 src/tpm2/CryptUtil.c | 2 +-
1b023f 
 1 file changed, 1 insertion(+), 1 deletion(-)
1b023f
1b023f 
diff --git a/src/tpm2/CryptUtil.c b/src/tpm2/CryptUtil.c
1b023f 
index 9879f918acb6..002fde0987a9 100644
1b023f 
--- a/src/tpm2/CryptUtil.c
1b023f 
+++ b/src/tpm2/CryptUtil.c
1b023f 
@@ -732,7 +732,7 @@ CryptSecretDecrypt(
1b023f 
 					     nonceCaller->t.size);
1b023f 
 			      }
1b023f 
 			  // make sure secret will fit
1b023f 
-			  if(secret->t.size > data->t.size)
1b023f 
+			  if(secret->t.size > sizeof(data->t.buffer))
1b023f 
 			      return TPM_RC_FAILURE;
1b023f 
 			  data->t.size = secret->t.size;
1b023f 
 			  // CFB decrypt, using nonceCaller as iv
1b023f 
--
1b023f 
2.36.0.44.g0f828332d5ac
1b023f

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation