From a5cdca085b5c2c20b0dfb5bebb27bf8248d12c81 Mon Sep 17 00:00:00 2001
From: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
Date: Mon, 26 Nov 2018 15:22:27 +0100
Subject: ESYS: Remove unnecessary size check in StartAuthSession

The check whether the secret size is zero can be removed because  size zero is
possible if no tpmKey for encryption is used and the authValue of the bind
object has length 0.

Signed-off-by: Juergen Repp <Juergen.Repp@sit.fraunhofer.de>
---
 src/tss2-esys/api/Esys_StartAuthSession.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

(limited to 'src/tss2-esys')

diff --git a/src/tss2-esys/api/Esys_StartAuthSession.c b/src/tss2-esys/api/Esys_StartAuthSession.c
index 6ea60c41..0ea2829a 100644
--- a/src/tss2-esys/api/Esys_StartAuthSession.c
+++ b/src/tss2-esys/api/Esys_StartAuthSession.c
@@ -450,11 +450,11 @@ Esys_StartAuthSession_Finish(
             secret_size += keyHash_size;
         if (bind != ESYS_TR_NONE && bindNode != NULL)
             secret_size += bindNode->auth.size;
-        if (secret_size == 0) {
-            return_error(TSS2_ESYS_RC_GENERAL_FAILURE,
-                         "Invalid secret size (0).");
-        }
-        uint8_t *secret = malloc(secret_size);
+        /* 
+         * A non null pointer for secret is required by the subsequent functions,
+         * hence a malloc is called with size 1 if secret_size is zero.
+         */
+        uint8_t *secret = malloc(secret_size ? secret_size : 1);
         if (secret == NULL) {
             LOG_ERROR("Out of memory.");
             return TSS2_ESYS_RC_MEMORY;
-- 
cgit v1.2.3