|
 |
ffd936 |
From d29d80c8ca14f793ef9a572945b232a52aa72c54 Mon Sep 17 00:00:00 2001
|
|
|
ffd936 |
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
|
|
|
ffd936 |
Date: Mon, 21 Jun 2021 15:10:14 -0400
|
|
|
ffd936 |
Subject: [PATCH 2/3] tpm2: Add maxSize parameter to TPM2B_Marshal for sanity
|
|
|
ffd936 |
checks
|
|
|
ffd936 |
|
|
|
ffd936 |
Add maxSize parameter to TPM2B_Marshal and assert on it checking
|
|
|
ffd936 |
the size of the data intended to be marshaled versus the maximum
|
|
|
ffd936 |
buffer size.
|
|
|
ffd936 |
|
|
|
ffd936 |
Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
|
|
|
ffd936 |
---
|
|
|
ffd936 |
src/tpm2/Marshal.c | 38 ++++++++++++++++++++------------------
|
|
|
ffd936 |
src/tpm2/Marshal_fp.h | 2 +-
|
|
|
ffd936 |
src/tpm2/NVMarshal.c | 18 +++++++++---------
|
|
|
ffd936 |
3 files changed, 30 insertions(+), 28 deletions(-)
|
|
|
ffd936 |
|
|
|
ffd936 |
diff --git a/src/tpm2/Marshal.c b/src/tpm2/Marshal.c
|
|
|
ffd936 |
index d355096..b498b62 100644
|
|
|
ffd936 |
--- a/src/tpm2/Marshal.c
|
|
|
ffd936 |
+++ b/src/tpm2/Marshal.c
|
|
|
ffd936 |
@@ -61,6 +61,7 @@
|
|
|
ffd936 |
|
|
|
ffd936 |
/* rev 136 */
|
|
|
ffd936 |
|
|
|
ffd936 |
+#include <assert.h> // libtpms added
|
|
|
ffd936 |
#include <string.h>
|
|
|
ffd936 |
|
|
|
ffd936 |
#include "Tpm.h"
|
|
|
ffd936 |
@@ -178,9 +179,10 @@ Array_Marshal(BYTE *sourceBuffer, UINT16 sourceSize, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
UINT16
|
|
|
ffd936 |
-TPM2B_Marshal(TPM2B *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
+TPM2B_Marshal(TPM2B *source, UINT32 maxSize, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
+ assert(source->size <= maxSize); // libtpms added
|
|
|
ffd936 |
written += UINT16_Marshal(&(source->size), buffer, size);
|
|
|
ffd936 |
written += Array_Marshal(source->buffer, source->size, buffer, size);
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
@@ -495,7 +497,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_DIGEST_Marshal(TPM2B_DIGEST *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
-written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -505,7 +507,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_DATA_Marshal(TPM2B_DATA *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
-written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -535,7 +537,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_MAX_BUFFER_Marshal(TPM2B_MAX_BUFFER *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -545,7 +547,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_MAX_NV_BUFFER_Marshal(TPM2B_MAX_NV_BUFFER *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -554,7 +556,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_TIMEOUT_Marshal(TPM2B_TIMEOUT *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -564,7 +566,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_IV_Marshal(TPM2B_IV *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -574,7 +576,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_NAME_Marshal(TPM2B_NAME *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.name), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1111,7 +1113,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_ATTEST_Marshal(TPM2B_ATTEST *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.attestationData), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1232,7 +1234,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_SYM_KEY_Marshal(TPM2B_SYM_KEY *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1253,7 +1255,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_SENSITIVE_DATA_Marshal(TPM2B_SENSITIVE_DATA *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1613,7 +1615,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_PUBLIC_KEY_RSA_Marshal(TPM2B_PUBLIC_KEY_RSA *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1633,7 +1635,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_PRIVATE_KEY_RSA_Marshal(TPM2B_PRIVATE_KEY_RSA *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1643,7 +1645,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_ECC_PARAMETER_Marshal(TPM2B_ECC_PARAMETER *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1879,7 +1881,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_ENCRYPTED_SECRET_Marshal(TPM2B_ENCRYPTED_SECRET *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.secret), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -2090,7 +2092,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_PRIVATE_Marshal(TPM2B_PRIVATE *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -2100,7 +2102,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_ID_OBJECT_Marshal(TPM2B_ID_OBJECT *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.credential), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -2157,7 +2159,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_CONTEXT_DATA_Marshal(TPM2B_CONTEXT_DATA *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size); // libtpms changed
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
diff --git a/src/tpm2/Marshal_fp.h b/src/tpm2/Marshal_fp.h
|
|
|
ffd936 |
index faf9d2b..53f4f7d 100644
|
|
|
ffd936 |
--- a/src/tpm2/Marshal_fp.h
|
|
|
ffd936 |
+++ b/src/tpm2/Marshal_fp.h
|
|
|
ffd936 |
@@ -79,7 +79,7 @@ extern "C" {
|
|
|
ffd936 |
UINT16
|
|
|
ffd936 |
Array_Marshal(BYTE *sourceBuffer, UINT16 sourceSize, BYTE **buffer, INT32 *size);
|
|
|
ffd936 |
UINT16
|
|
|
ffd936 |
- TPM2B_Marshal(TPM2B *source, BYTE **buffer, INT32 *size);
|
|
|
ffd936 |
+ TPM2B_Marshal(TPM2B *source, UINT32 maxSize, BYTE **buffer, INT32 *size); // libtpms changed
|
|
|
ffd936 |
UINT16
|
|
|
ffd936 |
TPM_KEY_BITS_Marshal(TPM_KEY_BITS *source, BYTE **buffer, INT32 *size);
|
|
|
ffd936 |
UINT16
|
|
|
ffd936 |
diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
|
|
|
ffd936 |
index b9934d5..1f96bcb 100644
|
|
|
ffd936 |
--- a/src/tpm2/NVMarshal.c
|
|
|
ffd936 |
+++ b/src/tpm2/NVMarshal.c
|
|
|
ffd936 |
@@ -255,7 +255,7 @@ UINT16
|
|
|
ffd936 |
TPM2B_PROOF_Marshal(TPM2B_PROOF *source, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written = 0;
|
|
|
ffd936 |
- written += TPM2B_Marshal(&source->b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&source->b, sizeof(source->t.buffer), buffer, size);
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -1332,7 +1332,7 @@ STATE_RESET_DATA_Marshal(STATE_RESET_DATA *data, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
STATE_RESET_DATA_VERSION,
|
|
|
ffd936 |
STATE_RESET_DATA_MAGIC, 1);
|
|
|
ffd936 |
written += TPM2B_PROOF_Marshal(&data->nullProof, buffer, size);
|
|
|
ffd936 |
- written += TPM2B_Marshal(&data->nullSeed.b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&data->nullSeed.b, sizeof(data->nullSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
written += UINT32_Marshal(&data->clearCount, buffer, size);
|
|
|
ffd936 |
written += UINT64_Marshal(&data->objectContextID, buffer, size);
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -2115,7 +2115,7 @@ TPM2B_HASH_BLOCK_Marshal(TPM2B_HASH_BLOCK *data, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
{
|
|
|
ffd936 |
UINT16 written;
|
|
|
ffd936 |
|
|
|
ffd936 |
- written = TPM2B_Marshal(&data->b, buffer, size);
|
|
|
ffd936 |
+ written = TPM2B_Marshal(&data->b, sizeof(data->t.buffer), buffer, size);
|
|
|
ffd936 |
|
|
|
ffd936 |
return written;
|
|
|
ffd936 |
}
|
|
|
ffd936 |
@@ -2980,9 +2980,9 @@ VolatileState_Marshal(BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
|
|
|
ffd936 |
/* tie the volatile state to the EP,SP, and PPSeed */
|
|
|
ffd936 |
NvRead(&pd, NV_PERSISTENT_DATA, sizeof(pd));
|
|
|
ffd936 |
- written += TPM2B_Marshal(&pd.EPSeed.b, buffer, size);
|
|
|
ffd936 |
- written += TPM2B_Marshal(&pd.SPSeed.b, buffer, size);
|
|
|
ffd936 |
- written += TPM2B_Marshal(&pd.PPSeed.b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&pd.EPSeed.b, sizeof(pd.EPSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&pd.SPSeed.b, sizeof(pd.SPSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&pd.PPSeed.b, sizeof(pd.PPSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
|
|
|
ffd936 |
written += BLOCK_SKIP_WRITE_PUSH(TRUE, buffer, size); /* v4 */
|
|
|
ffd936 |
|
|
|
ffd936 |
@@ -3799,9 +3799,9 @@ PERSISTENT_DATA_Marshal(PERSISTENT_DATA *data, BYTE **buffer, INT32 *size)
|
|
|
ffd936 |
written += TPM2B_AUTH_Marshal(&data->ownerAuth, buffer, size);
|
|
|
ffd936 |
written += TPM2B_AUTH_Marshal(&data->endorsementAuth, buffer, size);
|
|
|
ffd936 |
written += TPM2B_AUTH_Marshal(&data->lockoutAuth, buffer, size);
|
|
|
ffd936 |
- written += TPM2B_Marshal(&data->EPSeed.b, buffer, size);
|
|
|
ffd936 |
- written += TPM2B_Marshal(&data->SPSeed.b, buffer, size);
|
|
|
ffd936 |
- written += TPM2B_Marshal(&data->PPSeed.b, buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&data->EPSeed.b, sizeof(data->EPSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&data->SPSeed.b, sizeof(data->SPSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
+ written += TPM2B_Marshal(&data->PPSeed.b, sizeof(data->PPSeed.t.buffer), buffer, size);
|
|
|
ffd936 |
written += TPM2B_PROOF_Marshal(&data->phProof, buffer, size);
|
|
|
ffd936 |
written += TPM2B_PROOF_Marshal(&data->shProof, buffer, size);
|
|
|
ffd936 |
written += TPM2B_PROOF_Marshal(&data->ehProof, buffer, size);
|
|
|
ffd936 |
--
|
|
|
ffd936 |
2.29.0
|
|
|
ffd936 |
|