diff options
| author | Werner Koch <[email protected]> | 2024-05-28 10:45:21 +0000 |
|---|---|---|
| committer | Werner Koch <[email protected]> | 2024-05-28 10:57:44 +0000 |
| commit | d631c8198c254107c0a4e704511fa0f33d3dda5f (patch) | |
| tree | 8d77669fa8809d9fee7eb9d8a7b589f28a0029e2 /tpm2d/intel-tss.h | |
| parent | tpm: Do not use fprintf for logging. (diff) | |
| download | gnupg-d631c8198c254107c0a4e704511fa0f33d3dda5f.tar.gz gnupg-d631c8198c254107c0a4e704511fa0f33d3dda5f.zip | |
tpm: Improve error handling and check returned lengths.
* tpm2d/command.c (cmd_pkdecrypt): Handle unknown algo. Also slightly
rework error handling.
* tpm2d/tpm2.c (sexp_to_tpm2_public_ecc): Check length before checking
for 0x04. Rework error handling.
(tpm2_ObjectPublic_GetName): Check the return value of
TSS_GetDigestSize before use. Erro handling rework.
(tpm2_SensitiveToDuplicate): Ditto.
(tpm2_import_key): Ditto.
* tpm2d/intel-tss.h (TSS_Hash_Generate): Check passed length for
negative values. Check return value of TSS_GetDigestSize. Use
dedicated 16 bit length variable.
--
These are reworked and improved fixes as reported in
GnuPG-bug-id: 7129
Diffstat (limited to 'tpm2d/intel-tss.h')
| -rw-r--r-- | tpm2d/intel-tss.h | 23 |
1 files changed, 14 insertions, 9 deletions
diff --git a/tpm2d/intel-tss.h b/tpm2d/intel-tss.h index 1649cca05..da085fac7 100644 --- a/tpm2d/intel-tss.h +++ b/tpm2d/intel-tss.h @@ -344,7 +344,7 @@ TSS_Hash_Generate(TPMT_HA *digest, ...) int length; uint8_t *buffer; int algo; - gcry_md_hd_t md; + gcry_md_hd_t md = NULL; va_list ap; va_start(ap, digest); @@ -353,7 +353,7 @@ TSS_Hash_Generate(TPMT_HA *digest, ...) if (rc) { log_error ("TSS_Hash_Generate: Unknown hash %d\n", digest->hashAlg); - goto out; + goto leave; } rc = gcry_md_open (&md, algo, 0); @@ -362,7 +362,7 @@ TSS_Hash_Generate(TPMT_HA *digest, ...) log_error ("TSS_Hash_Generate: EVP_MD_CTX_create failed: %s\n", gpg_strerror (rc)); rc = TPM_RC_FAILURE; - goto out; + goto leave; } rc = TPM_RC_FAILURE; @@ -374,19 +374,24 @@ TSS_Hash_Generate(TPMT_HA *digest, ...) break; if (length < 0) { - log_error ("TSS_Hash_Generate: Length is negative\n"); - goto out_free; + log_error ("%s: Length is negative\n", "TSS_Hash_Generate"); + goto leave; } if (length != 0) gcry_md_write (md, buffer, length); } - memcpy (&digest->digest, gcry_md_read (md, algo), - TSS_GetDigestSize(digest->hashAlg)); + length = TSS_GetDigestSize(digest->hashAlg); + if (length < 0) + { + log_error ("%s: Length is negative\n", "TSS_GetDigestSize"); + goto leave; + } + memcpy (&digest->digest, gcry_md_read (md, algo), length); rc = TPM_RC_SUCCESS; - out_free: + + leave: gcry_md_close (md); - out: va_end(ap); return rc; } |