repart: avoid use of uninitialized TPM2B_PUBLIC data

The 'TPM2B public' struct is only initialized if the public key
is non-NULL, however, it is unconditionally passed to
tpm2_calculate_sealing_policy, resulting in use of uninitialized
data. If the uninitialized data is lucky enough to be all zeroes,
this results eventually results in an error message from
tpm2_calculate_name about an unsupported nameAlg field value.

Signed-off-by: Daniel P. Berrangé <berrange@redhat.com>

diff --git a/src/partition/repart.c b/src/partition/repart.c
index 91cb87a7b9b81f34e8d49793d74c08bc481d4a5e..20c30c1e15c65fe06c1a82df16adde5ba13c5ebc 100644 (file)
--- a/src/partition/repart.c
+++ b/src/partition/repart.c
@@ -3825,7 +3825,7 @@ static int partition_encrypt(Context *context, Partition *p, PartitionTarget *ta
                 }
 
                 TPM2B_DIGEST policy = TPM2B_DIGEST_MAKE(NULL, TPM2_SHA256_DIGEST_SIZE);
-                r = tpm2_calculate_sealing_policy(arg_tpm2_hash_pcr_values, arg_tpm2_n_hash_pcr_values, &public, /* use_pin= */ false, &policy);
+                r = tpm2_calculate_sealing_policy(arg_tpm2_hash_pcr_values, arg_tpm2_n_hash_pcr_values, pubkey ? &public : NULL, /* use_pin= */ false, &policy);
                 if (r < 0)
                         return log_error_errno(r, "Could not calculate sealing policy digest: %m");