commit 1d0b369d8131d8a7151188e3364a89cef2a5b93e
Author: Yao Li <yaohuali@google.com>
Date: Mon Aug 28 13:53:10 2023
[PATCH] keymaster: return error rather than assert
There has been a crash report caused by the assert under case KM_BOOL in build_auth_list().
Later versions of Android have ASSERT_OR_RETURN_ERROR to avoid
asserting in release builds.
Bug: 291450576
Test: atest CtsKeystoreTestCases
Change-Id: Ic7b11672c12f4c96a204d3ac42ff220c3fded73e
diff --git a/km_openssl/attestation_record.cpp b/km_openssl/attestation_record.cpp
index f59a9f3..58d9a94 100644
--- a/km_openssl/attestation_record.cpp
+++ b/km_openssl/attestation_record.cpp
@@ -24,6 +24,14 @@
#include <keymaster/km_openssl/openssl_err.h>
#include <keymaster/km_openssl/openssl_utils.h>
+#define ASSERT_OR_RETURN_ERROR(stmt, error) \
+ do { \
+ assert(stmt); \
+ if (!(stmt)) { \
+ return error; \
+ } \
+ } while (0)
+
namespace keymaster {
constexpr uint kCurrentKeymasterVersion = 3;
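Review bot: `ASSERT_OR_RETURN_ERROR` still runs `assert(stmt)` ahead of the `if`, so the `return error` path is reached only in builds compiled with NDEBUG. If the builds behind the crash report had asserts enabled (the commit message suggests the assert itself fired), the process would still abort on the same input. It is worth confirming the build flags for this target, or dropping the `assert(stmt);` line so the error return applies everywhere. The macro also evaluates `stmt` twice when asserts are enabled and returns from the enclosing function, which deserves a comment above the `#define`, e.g. `// Asserts in debug builds; in NDEBUG builds returns |error| from the enclosing function. |stmt| may be evaluated twice, so it must have no side effects.`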
@@ -96,7 +104,7 @@ static keymaster_error_t insert_integer(ASN1_INTEGER* value, ASN1_INTEGER** dest
// Put the contents of the keymaster AuthorizationSet auth_list in to the ASN.1 record structure,
// record.
keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIST* record) {
- assert(record);
+ ASSERT_OR_RETURN_ERROR(record, KM_ERROR_UNEXPECTED_NULL_POINTER);
if (auth_list.empty())
return KM_ERROR_OK;
@@ -269,8 +277,9 @@ keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIS
case KM_ENUM_REP:
case KM_UINT:
case KM_UINT_REP: {
- assert((keymaster_tag_repeatable(entry.tag) && integer_set) ||
- (!keymaster_tag_repeatable(entry.tag) && integer_ptr));
+ ASSERT_OR_RETURN_ERROR((keymaster_tag_repeatable(entry.tag) && integer_set) ||
+ (!keymaster_tag_repeatable(entry.tag) && integer_ptr),
+ KM_ERROR_INVALID_TAG);
UniquePtr<ASN1_INTEGER, ASN1_INTEGER_Delete> value(ASN1_INTEGER_new());
if (!value.get())
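Review bot: The two-line condition passed to `ASSERT_OR_RETURN_ERROR` in the `KM_UINT_REP` case is repeated verbatim in the `KM_DATE` case (hunk `@@ -285,8 +294,9 @@`), and the macro expands each copy twice when asserts are enabled. Naming the condition once, if the scope ahead of the switch allows it, would keep the two cases from drifting apart: `const bool has_int_dest = keymaster_tag_repeatable(entry.tag) ? integer_set != nullptr : integer_ptr != nullptr;` followed by `ASSERT_OR_RETURN_ERROR(has_int_dest, KM_ERROR_INVALID_TAG);`. This assumes `integer_set` and `integer_ptr` are pointers, which the hunk does not show; `build_auth_list` starts and ends outside this hunk.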
@@ -285,8 +294,9 @@ keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIS
case KM_ULONG:
case KM_ULONG_REP:
case KM_DATE: {
- assert((keymaster_tag_repeatable(entry.tag) && integer_set) ||
- (!keymaster_tag_repeatable(entry.tag) && integer_ptr));
+ ASSERT_OR_RETURN_ERROR((keymaster_tag_repeatable(entry.tag) && integer_set) ||
+ (!keymaster_tag_repeatable(entry.tag) && integer_ptr),
+ KM_ERROR_INVALID_TAG);
UniquePtr<BIGNUM, BIGNUM_Delete> bn_value(BN_new());
if (!bn_value.get())
@@ -312,7 +322,7 @@ keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIS
}
case KM_BOOL:
- assert(bool_ptr);
+ ASSERT_OR_RETURN_ERROR(bool_ptr, KM_ERROR_INVALID_TAG);
if (!*bool_ptr)
*bool_ptr = ASN1_NULL_new();
if (!*bool_ptr)
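Review bot: When `bool_ptr` is null the new code returns `KM_ERROR_INVALID_TAG` from the middle of the loop without recording which tag had no destination field, so a field report will show only the generic error. The same applies to the `string_ptr` check in the `KM_BYTES` hunk (`@@ -321,7 +331,7 @@`) and to the integer cases above. A log line naming `entry.tag` before the return would make these failures diagnosable. The early return also leaves `record` holding whatever earlier entries already wrote, so callers presumably need to discard it on any non-OK result; that is worth stating in the comment above `build_auth_list`, e.g. `// On error, record may be partially populated and must not be used.` The function body extends beyond this hunk, so whether callers already do this cannot be confirmed from here.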
@@ -321,7 +331,7 @@ keymaster_error_t build_auth_list(const AuthorizationSet& auth_list, KM_AUTH_LIS
/* Byte arrays*/
case KM_BYTES:
- assert(string_ptr);
+ ASSERT_OR_RETURN_ERROR(string_ptr, KM_ERROR_INVALID_TAG);
if (!*string_ptr)
*string_ptr = ASN1_OCTET_STRING_new();
if (!*string_ptr)