Mimi, On Tue, Jul 23, 2019 at 11:53:10AM -0400, Mimi Zohar wrote: > On Tue, 2019-07-23 at 12:47 -0300, Bruno E. O. Meneguele wrote: > > > > @@ -1402,6 +1400,41 @@ static int tpm_pcr_read(int idx, uint8_t *pcr, int len) > > > return result; > > > } > > > > > > +#ifdef HAVE_TSSPCRREAD > > > +static int tpm2_pcr_read(int idx, uint8_t *hwpcr, int len, char **errmsg) > > > +{ > > > + FILE *fp; > > > + char pcr[100]; /* may contain an error */ > > > + char cmd[50]; > > > + int ret; > > > + > > > + sprintf(cmd, "tsspcrread -halg sha1 -ha %d -ns 2> /dev/null", idx); > > > + fp = popen(cmd, "r"); > > > + if (!fp) { > > > + snprintf(pcr, sizeof(pcr), "popen failed: %s", strerror(errno)); > > > + *errmsg = strdup("popen failed:"); > > > > Should it have been > > > > *errmsg = strdup(pcr); > > > Yes, of course. Or better to use asprintf(3). Thanks,