author | Julien Masson <jmasson@baylibre.com> | 2024-02-29 18:07:42 +0100 |
---|---|---|
committer | Joakim Bech <joakim.bech@linaro.org> | 2024-03-05 10:28:43 +0100 |
commit | d69daa9407d2e2f68c9e7fafdd774e7670226018 (patch) | |
tree | b761f83a957ec48753e2176fcf633e75c3d66e7d | |
parent | a7169b05c236ff877547aeb51f50d6a3b7741b63 (diff) | |
download | apps-upstream-master.tar.gz |
keymaster: don't shrink input size on update
We should not shrink the input size when:
Request size + Input size > OPTEE_KEYMASTER_SEND_BUF_SIZE
Otherwise we may return incorrect/unexpected data when we perform an
UpdateOperation.
Instead we should set the response error to
KM_ERROR_INVALID_INPUT_LENGTH and return.
Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
Signed-off-by: Julien Masson <jmasson@baylibre.com>
-rw-r--r-- | keymaster/3.0/OpteeKeymaster3Device.cpp | 5 |
1 files changed, 1 insertions, 4 deletions
diff --git a/keymaster/3.0/OpteeKeymaster3Device.cpp b/keymaster/3.0/OpteeKeymaster3Device.cpp index e923c07..5e7eff3 100644 --- a/keymaster/3.0/OpteeKeymaster3Device.cpp +++ b/keymaster/3.0/OpteeKeymaster3Device.cpp @@ -408,12 +408,9 @@ Return<void> OpteeKeymaster3Device::update(uint64_t operationHandle, size_t inp_size = input.size(); size_t ser_size = request.SerializedSize(); - if (ser_size > OPTEE_KEYMASTER_SEND_BUF_SIZE) { + if (ser_size + inp_size > OPTEE_KEYMASTER_SEND_BUF_SIZE) { response.error = KM_ERROR_INVALID_INPUT_LENGTH; } else { - if (ser_size + inp_size > OPTEE_KEYMASTER_SEND_BUF_SIZE) { - inp_size = OPTEE_KEYMASTER_SEND_BUF_SIZE - ser_size; - } request.input.Reinitialize(input.data(), inp_size); impl_->UpdateOperation(request, &response); |
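Review bot: In the new condition `ser_size + inp_size > OPTEE_KEYMASTER_SEND_BUF_SIZE`, both operands are `size_t`, so the sum can wrap for a very large `input.size()`, and the full `inp_size` would then reach `request.input.Reinitialize(input.data(), inp_size)`. An overflow-safe form such as `ser_size > OPTEE_KEYMASTER_SEND_BUF_SIZE || inp_size > OPTEE_KEYMASTER_SEND_BUF_SIZE - ser_size` avoids this and keeps the removed `ser_size`-only check explicit. A short comment above the condition stating that oversized updates are rejected with `KM_ERROR_INVALID_INPUT_LENGTH` rather than truncated would also record the behaviour change for callers.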