| Message ID | 1473677010-13737-1-git-send-email-jarkko.sakkinen@linux.intel.com (mailing list archive) |
|---|---|
| State | New, archived |
| Headers | show |
On Mon, Sep 12, 2016 at 01:43:30PM +0300, Jarkko Sakkinen wrote: > tpm_transmit() does not check that bufsiz is at least TPM_HEADER_SIZE > before accessing data. This commit adds the check and returns -ENOMEM. -EINVAL > v2: Updated commit msg After the diffstat, do not commit that to the tree Jason ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://sdm.link/zohodev2dev
On Mon, Sep 12, 2016 at 11:32:19AM -0600, Jason Gunthorpe wrote: > On Mon, Sep 12, 2016 at 01:43:30PM +0300, Jarkko Sakkinen wrote: > > tpm_transmit() does not check that bufsiz is at least TPM_HEADER_SIZE > > before accessing data. This commit adds the check and returns -ENOMEM. > > -EINVAL > > > v2: Updated commit msg > > After the diffstat, do not commit that to the tree Duh, right. Thanks. > Jason /Jarkko ------------------------------------------------------------------------------ What NetFlow Analyzer can do for you? Monitors network bandwidth and traffic patterns at an interface-level. Reveals which users, apps, and protocols are consuming the most bandwidth. Provides multi-vendor support for NetFlow, J-Flow, sFlow and other flows. Make informed decisions using capacity planning reports. http://sdm.link/zohodev2dev
diff --git a/drivers/char/tpm/tpm-interface.c b/drivers/char/tpm/tpm-interface.c index fd863ff..6a67f7f 100644 --- a/drivers/char/tpm/tpm-interface.c +++ b/drivers/char/tpm/tpm-interface.c @@ -337,6 +337,9 @@ ssize_t tpm_transmit(struct tpm_chip *chip, const u8 *buf, size_t bufsiz, u32 count, ordinal; unsigned long stop; + if (bufsiz < TPM_HEADER_SIZE) + return -EINVAL; + if (bufsiz > TPM_BUFSIZE) bufsiz = TPM_BUFSIZE;
tpm_transmit() does not check that bufsiz is at least TPM_HEADER_SIZE before accessing data. This commit adds the check and returns -ENOMEM. v2: Updated commit msg Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen@linux.intel.com> --- drivers/char/tpm/tpm-interface.c | 3 +++ 1 file changed, 3 insertions(+)