Accepting request 909338 from security

- Add 0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch to fix the offset of the read buffer (forwarded request 909201 from aplanas) OBS-URL: https://build.opensuse.org/request/show/909338 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/tpm2.0-tools?expand=0&rev=31
2021-08-02 10:04:31 +00:00 · 2021-08-02 10:04:31 +00:00 · 0f526928e4
commit 0f526928e4
parent 131a800519 2daa4759e2
3 changed files with 42 additions and 0 deletions
--- a/0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch
+++ b/0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch
@ -0,0 +1,35 @@
+From 24e193412eac3985baea5e83e3245a4315c86ebe Mon Sep 17 00:00:00 2001
+From: Alberto Planas <aplanas@suse.com>
+Date: Thu, 29 Jul 2021 16:02:50 +0200
+Subject: [PATCH 1/1] tpm2_eventlog: fix buffer offset when reading the event
+ log
+
+The event log is read in chunks of CHUNK_SIZE blocks (16KB), always
+checking when the EOF is reached, so it is compatible with virtual files
+that lives in securityfs and we do not know the full size.  The current
+code is not taking care of adjusting the offset when the next chunk is
+read.
+
+This patch add "size" to the base buffer where the event log is stored
+in memory.
+
+Fix #2778
+
+Signed-off-by: Alberto Planas <aplanas@suse.com>
+---
+ tools/misc/tpm2_eventlog.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+Index: tpm2-tools-5.1.1/tools/misc/tpm2_eventlog.c
+===================================================================
+--- tpm2-tools-5.1.1.orig/tools/misc/tpm2_eventlog.c
+++ tpm2-tools-5.1.1/tools/misc/tpm2_eventlog.c
+@@ -90,7 +90,7 @@ static tool_rc tpm2_tool_onrun(ESYS_CONT
+     }
+ 
+     unsigned long size = 0;
+-    while (files_read_bytes_chunk(fileptr, eventlog, CHUNK_SIZE, &size)) {
+    while (files_read_bytes_chunk(fileptr, eventlog + size, CHUNK_SIZE, &size)) {
+         UINT8 *eventlog_tmp = realloc(eventlog, size + CHUNK_SIZE);
+         if (eventlog_tmp == NULL){
+             LOG_ERR("failed to allocate %lu bytes: %s", size + CHUNK_SIZE, strerror(errno));
--- a/tpm2.0-tools.changes
+++ b/tpm2.0-tools.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jul 29 14:15:11 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
+
+- Add 0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch to
+fix the offset of the read buffer
+
 -------------------------------------------------------------------
 Thu Jul  8 09:07:05 UTC 2021 - Matthias Gerstner <matthias.gerstner@suse.com>

--- a/tpm2.0-tools.spec
+++ b/tpm2.0-tools.spec
@ -30,6 +30,7 @@ Source2:        tpm2-tools.keyring
 Patch0:         fix_bogus_warning.patch
 Patch2:         0001-tpm2_checkquote-fix-uninitialized-variable.patch
 Patch3:         0001-tpm2_eventlog-read-eventlog-file-in-chunks.patch
+Patch4:         0001-tpm2_eventlog-fix-buffer-offset-when-reading-the-eve.patch
 BuildRequires:  gcc-c++
 BuildRequires:  libcurl-devel
 BuildRequires:  libopenssl-devel