master

分支 (12)

标签 (12)

管理

管理

master

openEuler-20.03-LTS-SP2

openEuler-20.03-LTS-SP3

openEuler-20.03-LTS-SP1

openEuler-20.03-LTS-Next

openEuler-22.03-LTS-Next

openEuler-22.03-LTS-SP1

openEuler-22.09

openEuler-22.03-LTS

openEuler-21.09

openEuler-21.03

openEuler-20.09

openEuler-22.09-release

openEuler-22.09-rc5

openEuler-22.09-20220829

openEuler-22.03-LTS-20220331

openEuler-22.03-LTS-round5

openEuler-22.03-LTS-round3

openEuler-22.03-LTS-round2

openEuler-22.03-LTS-round1

openEuler-20.03-LTS-SP3-release

openEuler-20.03-LTS-SP2-20210624

openEuler-21.03-20210330

openEuler-20.09-20200929

libtpms
/
tpm2-NVMarshal-Handle-index-orderly-R...

From 1fb6cd9b8df05b5d6e381b31215193d6ada969df Mon Sep 17 00:00:00 2001
From: Stefan Berger <stefanb@linux.vnet.ibm.com>
Date: Fri, 23 Jul 2021 13:29:00 -0400
Subject: [PATCH] tpm2: NVMarshal: Handle index orderly RAM without 0-sized
 terminating node

The NVRAM entries in s_indexOrderlyRam array do not need to contain a
0-sized terminating node. Instead, the entries may fill up this 512
byte array so that no NV_RAM_HEADER structure fits anymore. The fact
that no more NV_RAM_HEADER structure fits is also an indicator for the
last entry. We need to account for this in the code marshalling and
unmarshalling the entries so that we stop marshalling the entries
then and similarly stop unmarshalling.

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>
---
 src/tpm2/NVMarshal.c | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/src/tpm2/NVMarshal.c b/src/tpm2/NVMarshal.c
index 2b2d84a..430f481 100644
--- a/src/tpm2/NVMarshal.c
+++ b/src/tpm2/NVMarshal.c
@@ -4103,6 +4103,12 @@ INDEX_ORDERLY_RAM_Marshal(void *array, size_t array_size,
                                      datasize, buffer, size);
         }
         offset += nrh.size;
+        if (offset + sizeof(NV_RAM_HEADER) > array_size) {
+            /* nothing will fit anymore and there won't be a 0-sized
+             * terminating node (@1).
+             */
+            break;
+        }
     }

     written += BLOCK_SKIP_WRITE_PUSH(TRUE, buffer, size);
@@ -4144,6 +4150,16 @@ INDEX_ORDERLY_RAM_Unmarshal(void *array, size_t array_size,
          */
         nrhp = array + offset;

+        if (offset + sizeof(NV_RAM_HEADER) > sourceside_size) {
+            /* this case can occur with the previous entry filling up the
+             * space; in this case there will not be a 0-sized terminating
+             * node (see @1 above). We clear the rest of our space.
+             */
+            if (array_size > offset)
+                memset(nrhp, 0, array_size - offset);
+            break;
+        }
+
         /* write the NVRAM header;
            nrh->size holds the complete size including data;
            nrh->size = 0 indicates the end */
--
2.21.0.windows.1