On 01/12/2017 08:19 PM, Stefan Berger wrote:
> Make sure that we have not received less bytes than what is indicated
> in the header of the TPM response. Also, check the number of bytes in
> the response before accessing its data.

Please do not apply. There's a bug here where tpm_getcap has to be 
allowed to only return a header with TPM_ERR_INVALID_POSTINIT.

@@ -546,7 +552,8 @@ int tpm_get_timeouts(struct tpm_chip *chip)
                return 0;
        }

-       rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL);
+       rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap, NULL,
+                       sizeof(cap.timeout));
        if (rc == TPM_ERR_INVALID_POSTINIT) {
                /* The TPM is not started, we are the first to talk to it.
                   Execute a startup command. */
@@ -555,7 +562,8 @@ int tpm_get_timeouts(struct tpm_chip *chip)
                        return rc;

                rc = tpm_getcap(chip, TPM_CAP_PROP_TIS_TIMEOUT, &cap,
-                               "attempting to determine the timeouts");
+                               "attempting to determine the timeouts",
+                               sizeof(cap.timeout));
        }
        if (rc) {
                dev_err(&chip->dev,



     Stefan


------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today. http://sdm.link/xeonphi
_______________________________________________
tpmdd-devel mailing list
tpmdd-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/tpmdd-devel

Reply via email to