Re: [PATCH RESEND 1/2] tpm-dev-common: Reject too short writes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Aug 28, 2017 at 05:11:00PM +0000, Alexander.Steffen@xxxxxxxxxxxx wrote:
> > > diff --git a/drivers/char/tpm/tpm-dev-common.c
> > > b/drivers/char/tpm/tpm-dev-common.c
> > > index 610638a..c39b581 100644
> > > --- a/drivers/char/tpm/tpm-dev-common.c
> > > +++ b/drivers/char/tpm/tpm-dev-common.c
> > > @@ -119,7 +119,7 @@ ssize_t tpm_common_write(struct file *file, const
> > char __user *buf,
> > >  		return -EPIPE;
> > >  	}
> > >  	out_size = tpm_transmit(priv->chip, space, priv->data_buffer,
> > > -				sizeof(priv->data_buffer), 0);
> > > +				sizeof(priv->data_buffer), in_size, 0);
> > 
> > Why you couldn't just
> > 
> > unsigned int bufsiz;
> > 
> > /* ... */
> > 
> > bufsiz = sizeof(priv->data_buffer);
> > if (in_size < bufsiz)
> > 	bufsiz = in_size;
> > 
> > out_size = tpm_transmit(priv->chip, space, priv->data_buffer, bufsiz, 0);
> 
> Because the code needs to know both how large the buffer is (in order to avoid buffer overflows when writing to it) and how much of the data in the buffer is valid (in order not to send random junk to the TPM). This is made more explicit in PATCH 2/2.
> 
> Your example fails as soon as the response is longer than the command.
> 
> Alexander

Got you.

Do the comparison for count tpm-dev-common.c as it is the only call site
where this is needed instead of scrabbling with the parameters. In other
call sites this is unnecessary at this point.

This will also make backporting a factor more sleek.

/Jarkko



[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]