diff options
| author | nagendra modadugu <ngm@google.com> | 2016-11-02 11:13:41 -0700 |
|---|---|---|
| committer | chrome-bot <chrome-bot@chromium.org> | 2016-11-02 17:35:08 -0700 |
| commit | 07ec984d630c89128306671ec42b964236ce4eaf (patch) | |
| tree | e3effec04a69d4f034d454c013e4cdbffb4fbb9c | |
| parent | 4a1c64803bf0b6852eb2010ac1b550a10bf68e59 (diff) | |
| download | tpm2-07ec984d630c89128306671ec42b964236ce4eaf.tar.gz | |
tpm: fix assert failure in PCRComputeCurrentDigest
This patch fixes an assert case reached by clusterfuzz.
The assert is reached to an input parameter (hashAlg)
not being validated early in the call chain. This change
adds the appropriate check.
This abort originally reported here:
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=107
BUG=chrome-os-partner:59293
BRANCH=none
TEST=TCG tests pass, fuzz testcase no longer crashes
Change-Id: I2b2a49a69ebf00a6c63dbcb184f96d27e76c4f1c
Signed-off-by: nagendra modadugu <ngm@google.com>
Reviewed-on: https://chromium-review.googlesource.com/406578
Commit-Ready: Nagendra Modadugu <ngm@google.com>
Tested-by: Nagendra Modadugu <ngm@google.com>
Reviewed-by: Bill Richardson <wfrichar@chromium.org>
| -rw-r--r-- | Object_spt.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/Object_spt.c b/Object_spt.c index dd37f1b..4cf13c7 100644 --- a/Object_spt.c +++ b/Object_spt.c @@ -533,6 +533,8 @@ PublicAttributesValidation( OBJECT *parentObject = NULL; if(HandleGetType(parentHandle) != TPM_HT_PERMANENT) parentObject = ObjectGet(parentHandle); + if (publicArea->nameAlg == TPM_ALG_NULL) + return TPM_RC_HASH; // Check authPolicy digest consistency if( publicArea->authPolicy.t.size != 0 && ( publicArea->authPolicy.t.size |