Google Git
Sign in
android / platform / external / tpm2-tss / b7cd1dea
commitb7cd1deaa9c3151d7501ffcb1b507679b1cc6855[log] [tgz]
authorDaniel Mueller <deso@posteo.net>Sun Apr 16 22:53:45 2017 -0700
committerPhilip Tricca <philip.b.tricca@intel.com>Wed May 03 08:20:15 2017 -0700
treeed32cc1eb8e980a7c9ff4851c26a7e130c5354ea
parenta43c48fe781db54158a69f3e058a6740d8883e30 [diff]
fix off-by-one error in CheckOverflow

The overflow check as provided by CheckOverflow contains an off-by-one
error causing an out-of-bounds read by one byte to not be detected
properly. The used size should be calculated as
  usedSize = (INT64)(nextData - buffer) + size;
and not
  usedSize = (INT64)(nextData - buffer) - 1 + size;

For the latter case, consider the attempt of reading the very first two
bytes from a buffer of one byte size. 'usedSize' will be 1 (0x1000 -
0x1000 - 1 + 2). Because 'usedSize' is not greater than 'bufferSize'
(also 1), we will not detect the out-of-bounds read.
This change fixes the issue by removing the addend of -1.
1 file changed
tree: ed32cc1eb8e980a7c9ff4851c26a7e130c5354ea
  1. common/
  2. contrib/
  3. doc/
  4. include/
  5. lib/
  6. resourcemgr/
  7. sysapi/
  8. tcti/
  9. test/
  10. .gitattributes
  11. .gitignore
  12. .travis.yml
  13. AUTHORS
  14. bootstrap
  15. CHANGELOG.md
  16. configure.ac
  17. INSTALL
  18. LICENSE
  19. MAINTAINERS
  20. Makefile.am
  21. README.md
README.md

Build Status

TPM (Trusted Platform Module) 2.0 Software Stack (TSS):

This stack consists of the following layers from top to bottom:

  • Feature API (FAPI), see specification 0.12, (published but still in progress and unimplemented)
  • Enhanced System API (ESAPI), (specification in progress and unimplemented)
  • System API (SAPI), see 1.0 specification, (public, 0.97 implementation complete). This layer implements the system layer API level of the TSS 2.0 specification. These functions can be used to access all TPM 2.0 functions as described in Part 3 of the TPM 2.0 specification. The usefulness of this code extends to all users of the TPM, even those not planning to use the upper layers of the TSS.
  • TPM Command Transmission Interface (TCTI), used by SAPI to communicate with next lower layer (either the TAB/RM or TPM 2.0 device driver), see SAPI specification
  • Trusted Access Broker/Resource Manager (TAB/RM), see 0.91 specification, (public, implementation complete). This layer sits between the system API library code and the TPM. It is a daemon that handles all multi-process coordination and manages the TPM's internal resources transparently to applications.

Since the FAPI and ESAPI haven't been implemented yet, this repository only contains the SAPI and layers below it, plus a test application for exercising the SAPI.

The test application, tpmclient, tests many of the commands against the TPM 2.0 simulator. The tpmclient application can be altered and used as a sandbox to test and develop any TPM 2.0 command sequences, and provides an excellent development and learning vehicle.

Build and Installation Instructions:

Run Instructions

Architecture/Block Diagram

Code Layout

Resources

TPM 2.0 specifications can be found at Trusted Computing Group.