This occurs with TrouSerS-0.3.6. It IS the responsibility of the caller to split any data larger than the RSA public key modulus when sealing to the TPM. However, it would be fairly easy to see an application programmer not checking the size of user input. I haven't dug into the source, but I'm assuming that memcpy is being used to copy data from Tspi_Data_Seal into another buffer that is too small.
A 1kB file makes it to the TPM and returns error 0x0000002b Invalid data size. 2kB and 3kB files return TDDL error 0x00001002 General failure. A 4kB file produces a segfault in tcsd. Here is the backtrace from gdb:

    (gdb) run -f
    The program being debugged has been started already.
    Start it from the beginning? (y or n) y
    Starting program: /usr/local/sbin/tcsd -f
    [Thread debugging using libthread_db enabled]
    TCSD trousers 0.3.6: TCSD up and running.
    [New Thread 0x7ffff79b8710 (LWP 10076)]

    Program received signal SIGSEGV, Segmentation fault.
    [Switching to Thread 0x7ffff79b8710 (LWP 10076)]
    0x000000311b880ef7 in memcpy () from /lib/libc.so.6
    (gdb) backtrace
    #0  0x000000311b880ef7 in memcpy () from /lib/libc.so.6
    #1  0x00000000004078ed in LoadBlob ()
    #2  0x0000000000407989 in LoadBlob_Auth ()
    #3  0x000000000040cacf in tpm_rqu_build ()
    #4  0x000000000042c60a in TCSP_Seal_Internal ()
    #5  0x0000000000000000 in ?? ()

Architecture is amd64 and the OS is Gentoo Linux running TrouSerS-0.3.6 released on SF.
_______________________________________________ TrouSerS-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-users
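
An added example, not part of the original post and not TrouSerS code: a bounds-checked blob append that turns an oversized seal request into an error return instead of a memcpy past the end of the request buffer. The names load_blob_checked, load_u32_checked and build_seal_request, the 4096-byte buffer size and the simplified request layout are assumptions for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define TXBLOB_SIZE 4096u   /* assumed request buffer size, not taken from TrouSerS */

enum { BLOB_OK = 0, BLOB_TOO_LARGE = 1 };

/* Request buffer with a write cursor, as a command builder would use. */
struct txblob {
    uint8_t buf[TXBLOB_SIZE];
    size_t  off;            /* bytes written so far */
};

/* Append len bytes at the cursor only if they fit; writes nothing on failure. */
int load_blob_checked(struct txblob *tx, const void *src, size_t len)
{
    /* Compare against the remaining space so the arithmetic cannot wrap. */
    if (tx->off > TXBLOB_SIZE || len > TXBLOB_SIZE - tx->off)
        return BLOB_TOO_LARGE;
    memcpy(tx->buf + tx->off, src, len);
    tx->off += len;
    return BLOB_OK;
}

/* Append a 32-bit big-endian value (TPM 1.2 wire fields are big-endian). */
int load_u32_checked(struct txblob *tx, uint32_t v)
{
    uint8_t be[4] = { (uint8_t)(v >> 24), (uint8_t)(v >> 16),
                      (uint8_t)(v >> 8),  (uint8_t)v };
    return load_blob_checked(tx, be, sizeof be);
}

/* Build a simplified seal-style request: 10-byte header, length, data.
 * The layout is illustrative only; every append is checked and the first
 * failure is reported to the caller. */
int build_seal_request(struct txblob *tx, const uint8_t *data, uint32_t data_len)
{
    static const uint8_t hdr[10] = {0};   /* constructed placeholder header */
    tx->off = 0;
    if (load_blob_checked(tx, hdr, sizeof hdr) != BLOB_OK)
        return BLOB_TOO_LARGE;
    if (load_u32_checked(tx, data_len) != BLOB_OK)
        return BLOB_TOO_LARGE;
    return load_blob_checked(tx, data, data_len);
}
```

With this shape, a caller that forgets to split its input gets an error code back from the daemon side, and the cursor is left at the last successfully written field.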
