From a5ce2f0b23324805512fd3f40212a4abe978813e Mon Sep 17 00:00:00 2001 From: Andreas Steffen Date: Thu, 29 May 2014 13:05:39 +0200 Subject: [PATCH] Detect oversize SWID tags --- src/libpts/plugins/imc_swid/imc_swid.c | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/src/libpts/plugins/imc_swid/imc_swid.c b/src/libpts/plugins/imc_swid/imc_swid.c index 477b3b1f42..ef3a6a3e39 100644 --- a/src/libpts/plugins/imc_swid/imc_swid.c +++ b/src/libpts/plugins/imc_swid/imc_swid.c @@ -138,7 +138,7 @@ static bool add_swid_inventory(imc_state_t *state, imc_msg_t *msg, uint32_t request_id, bool full_tags, swid_inventory_t *targets) { - pa_tnc_attr_t *attr, *attr_angel; + pa_tnc_attr_t *attr, *attr_angel, *attr_error; imc_swid_state_t *swid_state; swid_inventory_t *swid_inventory; char *swid_directory, *swid_generator; @@ -165,9 +165,9 @@ static bool add_swid_inventory(imc_state_t *state, imc_msg_t *msg, targets, swid_pretty, swid_full)) { swid_inventory->destroy(swid_inventory); - attr = swid_error_create(TCG_SWID_ERROR, request_id, + attr_error = swid_error_create(TCG_SWID_ERROR, request_id, 0, "error in SWID tag collection"); - msg->add_attribute(msg, attr); + msg->add_attribute(msg, attr_error); return FALSE; } DBG1(DBG_IMC, "collected %d SWID tag%s%s", @@ -201,6 +201,17 @@ static bool add_swid_inventory(imc_state_t *state, imc_msg_t *msg, encoding = tag->get_encoding(tag); entry_size = 2 + tag_file_path.len + 4 + encoding.len; + /* Check for oversize tags that cannot be transported */ + if (PA_TNC_ATTR_HEADER_SIZE + TCG_SWID_TAG_INV_MIN_SIZE + + entry_size > max_attr_size) + { + attr_error = swid_error_create(TCG_SWID_RESPONSE_TOO_LARGE, + request_id, max_attr_size, + "oversize SWID tag omitted"); + msg->add_attribute(msg, attr_error); + continue; + } + if (attr_size + entry_size > max_attr_size) { if (first) -- 2.47.2