|
Javier Martinez Canillas |
af88e8 |
From 9685ea263f994537430323fb1681b210395eee7c Mon Sep 17 00:00:00 2001
|
|
Javier Martinez Canillas |
af88e8 |
From: =?UTF-8?q?=D0=94=D0=B8=D0=BB=D1=8F=D0=BD=20=D0=9F=D0=B0=D0=BB=D0=B0?=
|
|
Javier Martinez Canillas |
af88e8 |
=?UTF-8?q?=D1=83=D0=B7=D0=BE=D0=B2?= <git-dpa@aegee.org>
|
|
Javier Martinez Canillas |
af88e8 |
Date: Tue, 2 Apr 2019 16:18:32 +0000
|
|
Javier Martinez Canillas |
af88e8 |
Subject: [PATCH] lib/tpm2_util.c:string_to_uint32: ensure the string does not
|
|
Javier Martinez Canillas |
af88e8 |
overflow in uint32
|
|
Javier Martinez Canillas |
af88e8 |
MIME-Version: 1.0
|
|
Javier Martinez Canillas |
af88e8 |
Content-Type: text/plain; charset=UTF-8
|
|
Javier Martinez Canillas |
af88e8 |
Content-Transfer-Encoding: 8bit
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
Before this change input of "4294967295" generated output of 4294967295, which
|
|
Javier Martinez Canillas |
af88e8 |
is UINT32_MAX = 2**32 - 1. But input "4294967296" created output of 0. The
|
|
Javier Martinez Canillas |
af88e8 |
function is supposed to fail if the number is too big, rather than silently
|
|
Javier Martinez Canillas |
af88e8 |
convert unsigned long int to uint32_t, ignoring some bits.
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
Signed-Off-By: Дилян Палаузов <git-dpa@aegee.org>
|
|
Javier Martinez Canillas |
af88e8 |
---
|
|
Javier Martinez Canillas |
af88e8 |
lib/tpm2_util.c | 6 +++---
|
|
Javier Martinez Canillas |
af88e8 |
1 file changed, 3 insertions(+), 3 deletions(-)
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
diff --git a/lib/tpm2_util.c b/lib/tpm2_util.c
|
|
Javier Martinez Canillas |
af88e8 |
index edfda4a8b0b..ca9d8b7f4d7 100644
|
|
Javier Martinez Canillas |
af88e8 |
--- a/lib/tpm2_util.c
|
|
Javier Martinez Canillas |
af88e8 |
+++ b/lib/tpm2_util.c
|
|
Javier Martinez Canillas |
af88e8 |
@@ -236,8 +236,8 @@ bool tpm2_util_string_to_uint32(const char *str, uint32_t *value) {
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
/* clear errno before the call, should be 0 afterwards */
|
|
Javier Martinez Canillas |
af88e8 |
errno = 0;
|
|
Javier Martinez Canillas |
af88e8 |
- uint32_t tmp = strtoul(str, &endptr, 0);
|
|
Javier Martinez Canillas |
af88e8 |
- if (errno) {
|
|
Javier Martinez Canillas |
af88e8 |
+ unsigned long int tmp = strtoul(str, &endptr, 0);
|
|
Javier Martinez Canillas |
af88e8 |
+ if (errno || tmp > UINT32_MAX) {
|
|
Javier Martinez Canillas |
af88e8 |
return false;
|
|
Javier Martinez Canillas |
af88e8 |
}
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
@@ -250,7 +250,7 @@ bool tpm2_util_string_to_uint32(const char *str, uint32_t *value) {
|
|
Javier Martinez Canillas |
af88e8 |
return false;
|
|
Javier Martinez Canillas |
af88e8 |
}
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
- *value = tmp;
|
|
Javier Martinez Canillas |
af88e8 |
+ *value = (uint32_t) tmp;
|
|
Javier Martinez Canillas |
af88e8 |
return true;
|
|
Javier Martinez Canillas |
af88e8 |
}
|
|
Javier Martinez Canillas |
af88e8 |
|
|
Javier Martinez Canillas |
af88e8 |
--
|
|
Javier Martinez Canillas |
af88e8 |
2.21.0
|
|
Javier Martinez Canillas |
af88e8 |
|