fix segmentation fault on tpm2

2021-04-30 09:34:46 +08:00 · 2021-04-30 09:34:46 +08:00 · dd12c7a2a4
commit dd12c7a2a4
parent 558b88d4f3
2 changed files with 50 additions and 1 deletions
--- a/backport-Don-t-assume-end-of-argv-is-NULL.patch
+++ b/backport-Don-t-assume-end-of-argv-is-NULL.patch
@ -0,0 +1,43 @@
+From fb1e0d98eca5279bf33304deedd9019b0130393a Mon Sep 17 00:00:00 2001
+From: Erik Larsson <who+github@cnackers.org>
+Date: Sat, 21 Nov 2020 10:59:13 +0100
+Subject: [PATCH] Don't assume end of argv is NULL
+
+On a musl based system argv[optind] && strcmp(...) where optind > argc might read random memory and segfault.
+
+Signed-off-by: Erik Larsson <who+github@cnackers.org>
+---
+ lib/tpm2_options.c | 6 +++---
+ 1 file changed, 3 insertions(+), 3 deletions(-)
+
+diff --git a/lib/tpm2_options.c b/lib/tpm2_options.c
+index e9aaa0364..9fa583c60 100644
+--- a/lib/tpm2_options.c
+++ b/lib/tpm2_options.c
+@@ -300,7 +300,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
+             if (argv[optind - 1]) {
+                 if (!strcmp(argv[optind - 1], "--help=no-man") ||
+                     !strcmp(argv[optind - 1], "-h=no-man") ||
+-                    (argv[optind] && !strcmp(argv[optind], "no-man"))) {
+                    (argc < optind && !strcmp(argv[optind], "no-man"))) {
+                     manpager = false;
+                     optind++;
+                 /*
+@@ -309,7 +309,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
+                  */
+                 } else if (!strcmp(argv[optind - 1], "--help=man") ||
+                            !strcmp(argv[optind - 1], "-h=man") ||
+-                           (argv[optind] && !strcmp(argv[optind], "man"))) {
+                           (argc < optind && !strcmp(argv[optind], "man"))) {
+                     manpager = true;
+                     explicit_manpager = true;
+                     optind++;
+@@ -318,7 +318,7 @@ tpm2_option_code tpm2_handle_options(int argc, char **argv,
+                      * argv[0] = "tool name"
+                      * argv[1] = "--help" argv[2] = 0
+                      */
+-                    if (!argv[optind] && argc == 2) {
+                    if (optind >= argc && argc == 2) {
+                         manpager = false;
+                     } else {
+                         /*
--- a/tpm2-tools.spec
+++ b/tpm2-tools.spec
@ -1,15 +1,18 @@
 Name:          tpm2-tools
 Version:       5.0
-Release:       1
+Release:       2
 Summary:       A TPM2.0 testing tool based on TPM2.0-TSS
 License:       BSD
 URL:           https://github.com/tpm2-software/tpm2-tools
 Source0:       https://github.com/tpm2-software/tpm2-tools/releases/download/%{version}/%{name}-%{version}.tar.gz

+Patch0:        backport-Don-t-assume-end-of-argv-is-NULL.patch
+
 BuildRequires: gcc-c++ libtool autoconf-archive pkgconfig(cmocka) pkgconfig(libcurl) pkgconfig(openssl)
 BuildRequires: pkgconfig(tss2-mu) pkgconfig(tss2-sys) pkgconfig(tss2-esys) pkgconfig(uuid) git libgcrypt
 BuildRequires: libgcrypt-devel gdb
 Requires:  tpm2-tss >= 2.3.1
+Requires:  tpm2-tools-help = %{version}-%{release}
 Obsoletes: tpm2-tools <= 2.1.1-2

 %description
@ -55,6 +58,9 @@ make check
 %{_mandir}/*/*

 %changelog
+* Fri Apr 30 2021 Hugel <gengqihu1@huawei.com> - 5.0-2
+- fix segmentation fault on tpm2
+
 * Mon Jan 25 2021 panxiaohe <panxiaohe@huawei.com> - 5.0-1
 - update to 5.0