Skip to content

Commit

Permalink
FAPI: Fix length check in auth callback.
Browse files Browse the repository at this point in the history
The max size of the value returned by the auth value
callback sizeof(TPMU_HA) is now checked.

Signed-off-by: Juergen Repp <[email protected]>
  • Loading branch information
JuergenReppSIT committed Apr 15, 2024
1 parent fdb3594 commit 6f7df6b
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions src/tss2-fapi/fapi_util.c
Original file line number Diff line number Diff line change
Expand Up @@ -440,6 +440,10 @@ ifapi_set_auth(
return_if_error(r, "policyAuthCallback");
if (auth != NULL) {
authValue.size = strlen(auth);
if (authValue.size > sizeof(TPMU_HA)) {
return_error2(TSS2_FAPI_RC_BAD_VALUE, "Auth value %u > %lu",
authValue.size, sizeof(TPMU_HA));
}
memcpy(&authValue.buffer[0], auth, authValue.size);
}

Expand Down

0 comments on commit 6f7df6b

Please sign in to comment.