Proxmox-Port/libtpms
1
0
Fork 0
mirror of https://github.com/stefanberger/libtpms synced 2026-01-01 04:45:32 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

tpm2: Check against unreasonably large datasize value from stream

Browse Source 
Check the read datasize against an unreasonably large value and
log in case we encounter a bad value. This particular value cannot
be larger than 64k and a few bytes.

Signed-off-by: Stefan Berger <stefanb@linux.vnet.ibm.com>
This commit is contained in:
Stefan Berger 2018-03-27 18:07:46 -04:00
parent 03d2b4f718
commit f19bf6c6dc
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/tpm2/NVMarshal.c
View File

@ -4108,6 +4108,14 @@ USER_NVRAM_Unmarshal(BYTE **buffer, INT32 *size)
if (rc == TPM_RC_SUCCESS) {
rc = UINT32_Unmarshal(&datasize, buffer, size);
}
if (rc == TPM_RC_SUCCESS) {
/* datasize cannot exceed 64k + a few bytes */
if (datasize > (0x10000 + 0x100)) {
TPMLIB_LogTPM2Error("datasize for NV_INDEX too "
"large: %u\n", datasize);
rc = TPM_RC_SIZE;
}
}
if (rc == TPM_RC_SUCCESS &&
o + offset + datasize > array_size) {
o += offset + datasize;