forked from pool/tpm2.0-tools
Accepting request 900548 from home:aplanas:branches:security
- Add 0001-tpm2_checkquote-fix-uninitialized-variable.patch for a better fix of boo#1187316 - Re-enable lto OBS-URL: https://build.opensuse.org/request/show/900548 OBS-URL: https://build.opensuse.org/package/show/security/tpm2.0-tools?expand=0&rev=76
This commit is contained in:
parent
6478528698
commit
ce6c7778e0
37
0001-tpm2_checkquote-fix-uninitialized-variable.patch
Normal file
37
0001-tpm2_checkquote-fix-uninitialized-variable.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From 3d7edb1c70cba6c34c71c9b856c07b8adcebb15c Mon Sep 17 00:00:00 2001
|
||||
From: Alberto Planas <aplanas@suse.com>
|
||||
Date: Thu, 17 Jun 2021 11:07:25 +0200
|
||||
Subject: [PATCH] tpm2_checkquote: fix uninitialized variable
|
||||
|
||||
The variable `temp_pcrs` is uninitialized, and later partially
|
||||
uninitialized when reading the selection data from file.
|
||||
|
||||
When activating lto optimizations, this bug presents itself showing an
|
||||
error during the read of the quote:
|
||||
|
||||
ERROR: Malformed PCR file, pcr count cannot be greater than 32, got: ...
|
||||
|
||||
Fixes: #2767
|
||||
|
||||
Co-authored-by: Martin Liska <marxin.liska@gmail.com>
|
||||
Signed-off-by: Alberto Planas <aplanas@suse.com>
|
||||
---
|
||||
tools/misc/tpm2_checkquote.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tools/misc/tpm2_checkquote.c b/tools/misc/tpm2_checkquote.c
|
||||
index 53150857..8d780f11 100644
|
||||
--- a/tools/misc/tpm2_checkquote.c
|
||||
+++ b/tools/misc/tpm2_checkquote.c
|
||||
@@ -376,7 +376,7 @@ static tool_rc init(void) {
|
||||
TPM2B_ATTEST *msg = NULL;
|
||||
TPML_PCR_SELECTION pcr_select;
|
||||
tpm2_pcrs *pcrs;
|
||||
- tpm2_pcrs temp_pcrs;
|
||||
+ tpm2_pcrs temp_pcrs = {};
|
||||
tool_rc return_value = tool_rc_general_error;
|
||||
|
||||
msg = message_from_file(ctx.msg_file_path);
|
||||
--
|
||||
2.32.0
|
||||
|
@ -1,3 +1,10 @@
|
||||
-------------------------------------------------------------------
|
||||
Thu Jun 17 09:26:42 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
- Add 0001-tpm2_checkquote-fix-uninitialized-variable.patch for a better
|
||||
fix of boo#1187316
|
||||
- Re-enable lto
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Tue Jun 15 09:36:37 UTC 2021 - Alberto Planas Dominguez <aplanas@suse.com>
|
||||
|
||||
|
@ -16,7 +16,6 @@
|
||||
#
|
||||
|
||||
|
||||
%define _lto_cflags %{nil}
|
||||
Name: tpm2.0-tools
|
||||
Version: 5.1
|
||||
Release: 0
|
||||
@ -27,6 +26,7 @@ URL: https://github.com/tpm2-software/tpm2-tools/releases
|
||||
Source0: https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/tpm2-tools-%{version}.tar.gz
|
||||
Patch0: fix_bogus_warning.patch
|
||||
Patch1: 0001-tpm2_import-fix-fixed-AES-key-CVE-2021-3565.patch
|
||||
Patch2: 0001-tpm2_checkquote-fix-uninitialized-variable.patch
|
||||
BuildRequires: autoconf-archive
|
||||
BuildRequires: automake
|
||||
BuildRequires: gcc-c++
|
||||
@ -69,6 +69,7 @@ associated interfaces.
|
||||
%setup -q -n tpm2-tools-%{version}
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
|
||||
%build
|
||||
# TODO: remove autoreconf once fix_pie_linking patch is no longer needed
|
||||
|
Loading…
Reference in New Issue
Block a user