Djam/u-boot
1
0
Fork 0
mirror of https://github.com/u-boot/u-boot.git synced 2025-04-19 19:34:35 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

tpm: add checker for pcr count

Browse source 
Add bound checking for pcr count before using it.

Addresses-Coverity-ID: 541280: Insecure data handling (TAINTED_SCALAR)
Addresses-Coverity-ID: 541281: Insecure data handling (TAINTED_SCALAR)
Signed-off-by: Raymond Mao <raymond.mao@linaro.org>
This commit is contained in:
Raymond Mao 2025-02-11 13:23:07 -08:00
parent cfdf18b31b
commit 94a409c258
2 changed files with 6 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
cmd/tpm-v2.c
View file

@ -304,6 +304,9 @@ static int do_tpm2_pcrallocate(struct cmd_tbl *cmdtp, int flag, int argc,
if (ret) if (ret)
return ret; return ret;
if (pcr.count > TPM2_NUM_PCR_BANKS)
return -EINVAL;
for (i = 0; i < pcr.count; i++) { for (i = 0; i < pcr.count; i++) {
struct tpms_pcr_selection *sel = &pcr.selection[i]; struct tpms_pcr_selection *sel = &pcr.selection[i];
const char *name; const char *name;

3
lib/tpm-v2.c
View file

@ -74,6 +74,9 @@ int tpm2_scan_masks(struct udevice *dev, u32 log_active, u32 *mask)
if (rc) if (rc)
return rc; return rc;
if (pcrs.count > TPM2_NUM_PCR_BANKS)
return TPM_LIB_ERROR;
for (i = 0; i < pcrs.count; i++) { for (i = 0; i < pcrs.count; i++) {
struct tpms_pcr_selection *sel = &pcrs.selection[i]; struct tpms_pcr_selection *sel = &pcrs.selection[i];
size_t j; size_t j;