grub-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH 04/10] tss2: Fix the missing authCommand


From: Stefan Berger
Subject: Re: [PATCH 04/10] tss2: Fix the missing authCommand
Date: Thu, 2 Jan 2025 13:13:06 -0500
User-agent: Mozilla Thunderbird



On 12/19/24 3:12 AM, Gary Lin wrote:
grub_tpm2_readpublic() and grub_tpm2_testparms() didn't check
'authCommand' when marshaling the input data buffer. Currently, there is
no caller using non-NULL 'authCommand'. However, to avoid the potential
issue, the conditional check is added to insert 'authCommand' into the
input buffer if necessary.

Also fix a few pointer checks.

Signed-off-by: Gary Lin <glin@suse.com>
---
  grub-core/lib/tss2/tpm2_cmd.c | 10 +++++++---
  1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/grub-core/lib/tss2/tpm2_cmd.c b/grub-core/lib/tss2/tpm2_cmd.c
index cd0c6fd31..211d807d5 100644
--- a/grub-core/lib/tss2/tpm2_cmd.c
+++ b/grub-core/lib/tss2/tpm2_cmd.c
@@ -341,6 +341,8 @@ grub_tpm2_readpublic (const TPMI_DH_OBJECT_t objectHandle,
    /* Marshal */
    grub_tpm2_buffer_init (&in);
    grub_tpm2_buffer_pack_u32 (&in, objectHandle);
+  if (authCommand != NULL)
+    grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
    if (in.error != 0)
      return TPM_RC_FAILURE;
@@ -398,7 +400,7 @@ grub_tpm2_load (const TPMI_DH_OBJECT_t parent_handle,
    /* Marshal */
    grub_tpm2_buffer_init (&in);
    grub_tpm2_buffer_pack_u32 (&in, parent_handle);
-  if (authCommand)
+  if (authCommand != NULL)
      grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
    grub_Tss2_MU_TPM2B_Marshal (&in, inPrivate->size, inPrivate->buffer);
    grub_Tss2_MU_TPM2B_PUBLIC_Marshal (&in, inPublic);
@@ -461,9 +463,9 @@ grub_tpm2_loadexternal (const TPMS_AUTH_COMMAND_t 
*authCommand,
/* Marshal */
    grub_tpm2_buffer_init (&in);
-  if (authCommand)
+  if (authCommand != NULL)
      grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
-  if (inPrivate)
+  if (inPrivate != NULL)
      grub_Tss2_MU_TPM2B_SENSITIVE_Marshal (&in, inPrivate);
    else
      grub_tpm2_buffer_pack_u16 (&in, 0);
@@ -1023,6 +1025,8 @@ grub_tpm2_testparms (const TPMT_PUBLIC_PARMS_t *parms,
    /* Marshal */
    grub_tpm2_buffer_init (&in);
    grub_Tss2_MU_TPMT_PUBLIC_PARMS_Marshal (&in, parms);
+  if (authCommand != NULL)
+    grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
    if (in.error != 0)
      return TPM_RC_FAILURE;

Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>




reply via email to

[Prev in Thread] Current Thread [Next in Thread]