From: Stefan Berger
To: seabios@seabios.org, kevin@koconnor.net
CC: ivansprundel@ioactive.com, joseph.tartaro@ioactive.com, Stefan Berger
Date: Wed, 6 Nov 2019 16:35:59 -0500
Message-Id: <20191106213600.2457517-2-stefanb@linux.vnet.ibm.com>
In-Reply-To: <20191106213600.2457517-1-stefanb@linux.vnet.ibm.com>
Subject: [SeaBIOS] [PATCH 1/2] tpm: Require a response to have minimum size of a valid response header

Defend against a broken TPM 1.2 or TPM 2.0 that doesn't send at least a full response header in the response but less than 10 bytes.

Signed-off-by: Stefan Berger
Reviewed-by: Marc-André Lureau
Reviewed-by: Philippe Mathieu-Daudé
--- src/hw/tpm_drivers.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/hw/tpm_drivers.c b/src/hw/tpm_drivers.c index e4770b3..2b5753c 100644 --- a/src/hw/tpm_drivers.c +++ b/src/hw/tpm_drivers.c @@ -620,7 +620,8 @@ tpmhw_transmit(u8 locty, struct tpm_req_header *req, return -1; =20 irc =3D td->readresp(respbuffer, respbufferlen); - if (irc !=3D 0) + if (irc !=3D 0 || + *respbufferlen < sizeof(struct tpm_rsp_header)) return -1; =20 td->ready(); --=20 2.20.1
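
Review bot: the new length test in tpmhw_transmit() shares the "return -1" with the "irc != 0" case, so a truncated response also leaves the function before td->ready() runs; if the device should be put back into the ready state after a short response, call td->ready() on this path as well, or add a comment saying why skipping it is safe. The commit message states the minimum as 10 bytes while the code uses sizeof(struct tpm_rsp_header); a one-line comment above the check noting that the two are the same value would keep that intent visible to later readers. The check is a lower bound only, so it is worth stating in the commit message that callers must still validate any length carried inside the header against *respbufferlen before reading beyond the header.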