Check enough data available to read

author Sansar Choinyambuu <schoinya@hsr.ch>

Wed, 23 Nov 2011 14:23:57 +0000 (15:23 +0100)

committer Andreas Steffen <andreas.steffen@strongswan.org>

Mon, 28 Nov 2011 20:23:24 +0000 (21:23 +0100)
author Sansar Choinyambuu <schoinya@hsr.ch>
Wed, 23 Nov 2011 14:23:57 +0000 (15:23 +0100)
committer Andreas Steffen <andreas.steffen@strongswan.org>
Mon, 28 Nov 2011 20:23:24 +0000 (21:23 +0100)
diff --git a/src/libpts/tcg/tcg_pts_attr_simple_comp_evid.c b/src/libpts/tcg/tcg_pts_attr_simple_comp_evid.c

index a8c07415ad28d67a53aba69d9f90f3be0f9d88c9..96c01270c46f31dad6659434e590e87c4a37493f 100644 (file)
--- a/src/libpts/tcg/tcg_pts_attr_simple_comp_evid.c
+++ b/src/libpts/tcg/tcg_pts_attr_simple_comp_evid.c
@@ -305,6 +305,7 @@ METHOD(pa_tnc_attr_t, process, status_t,
         chunk_t measurement, utc_time, policy_uri, pcr_before, pcr_after;
         time_t measurement_time;
         bool has_pcr_info = FALSE, has_validation = FALSE;
+       status_t status = FAILED;
  
         if (this->value.len < PTS_SIMPLE_COMP_EVID_SIZE)
         {
@@ -349,17 +350,42 @@ METHOD(pa_tnc_attr_t, process, status_t,
         if (validation == PTS_COMP_EVID_VALIDATION_FAILED ||
                 validation == PTS_COMP_EVID_VALIDATION_PASSED)
         {
-               reader->read_uint16(reader, &len);
-               reader->read_data(reader, len, &policy_uri);
+               if (!reader->read_uint16(reader, &len))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Component Evidence "
+                                                 "Verification Policy URI Lenght");
+                       goto end;
+               }
+               if (!reader->read_data(reader, len, &policy_uri))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Component Evidence "
+                                                 "Verification Policy URI");
+                       goto end;
+               }
                 has_validation = TRUE;
         }
         
         /*  Are optional PCR value fields included? */
         if (flags & PTS_SIMPLE_COMP_EVID_FLAG_PCR)
         {
-               reader->read_uint16(reader, &len);
-               reader->read_data(reader, len, &pcr_before);
-               reader->read_data(reader, len, &pcr_after);
+               if (!reader->read_uint16(reader, &len))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Component Evidence "
+                                                 "PCR Value length");
+                       goto end;
+               }
+               if (!reader->read_data(reader, len, &pcr_before))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Component Evidence "
+                                                 "PCR Before Value");
+                       goto end;
+               }
+               if (!reader->read_data(reader, len, &pcr_after))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Component Evidence "
+                                                 "PCR After Value");
+                       goto end;
+               }
                 has_pcr_info = TRUE;
         }
  
@@ -390,6 +416,10 @@ METHOD(pa_tnc_attr_t, process, status_t,
         }
  
         return SUCCESS;
+
+end:
+       reader->destroy(reader);
+       return status;
  }
  
  METHOD(pa_tnc_attr_t, destroy, void,
diff --git a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c

index e610da35ce9779f0f7b0450ef0f46fcde03f53c5..7e3dcd0e5e18c569ac2092712bd953e70e8d0bca 100644 (file)
--- a/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c
+++ b/src/libpts/tcg/tcg_pts_attr_simple_evid_final.c
@@ -198,7 +198,7 @@ METHOD(pa_tnc_attr_t, process, status_t,
         u_int8_t flags, reserved;
         u_int16_t algorithm;
         u_int32_t pcr_comp_len, tpm_quote_sig_len, evid_sig_len;
-               
+       status_t status = FAILED;
         
         if (this->value.len < PTS_SIMPLE_EVID_FINAL_SIZE)
         {
@@ -237,9 +237,18 @@ METHOD(pa_tnc_attr_t, process, status_t,
                 reader->read_data(reader, pcr_comp_len, &this->pcr_comp);
                 this->pcr_comp = chunk_clone(this->pcr_comp);
                 
-               /* TODO check if enough message data is available */
-               reader->read_uint32(reader, &tpm_quote_sig_len);
-               reader->read_data(reader, tpm_quote_sig_len, &this->tpm_quote_sig);
+               if (!reader->read_uint32(reader, &tpm_quote_sig_len))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
+                                                 "TPM Quote Singature Lenght");
+                       goto end;
+               }
+               if (!reader->read_data(reader, tpm_quote_sig_len, &this->tpm_quote_sig))
+               {
+                       DBG1(DBG_TNC, "insufficient data for PTS Simple Evidence Final "
+                                                 "TPM Quote Singature");
+                       goto end;
+               }
                 this->tpm_quote_sig = chunk_clone(this->tpm_quote_sig);
         }
         
@@ -253,6 +262,10 @@ METHOD(pa_tnc_attr_t, process, status_t,
         
         reader->destroy(reader);
         return SUCCESS;
+
+end:
+       reader->destroy(reader);
+       return status;
  }
  
  METHOD(tcg_pts_attr_simple_evid_final_t, get_quote_info, u_int8_t,
author	Sansar Choinyambuu <schoinya@hsr.ch>
	Wed, 23 Nov 2011 14:23:57 +0000 (15:23 +0100)
committer	Andreas Steffen <andreas.steffen@strongswan.org>
	Mon, 28 Nov 2011 20:23:24 +0000 (21:23 +0100)
src/libpts/tcg/tcg_pts_attr_simple_comp_evid.c		patch \| blob \| blame \| history
src/libpts/tcg/tcg_pts_attr_simple_evid_final.c		patch \| blob \| blame \| history