Google Git
Sign in
cos / third_party / platform / vboot_reference / d3455ac0873b03cd6af0650a069bb4ccd119d68f
commitd3455ac0873b03cd6af0650a069bb4ccd119d68f[log] [tgz]
authorEvan Green <evgreen@chromium.org>Thu May 13 10:49:08 2021 -0700
committerCommit Bot <commit-bot@chromium.org>Fri May 14 20:06:58 2021 +0000
tree99b5c3be76c59ecc6b6dfe2213722dcb954351dc
parente681c371484b50c0cc35d91123b176acdc2449eb [diff]
tpmc: Use char sentinel in HexStringToUint32()

HexStringToUint32() uses sscanf(), scanning in a hex value, and
capturing the tail as well to figure out if the user passed in too much.
Switch to using a char for that overflow detection rather than a string
to avoid stack corruption. For example:

localhost# tpmc pcrread 999999999999999999999
*** stack smashing detected ***: terminated
Aborted (core dumped)

BUG=None
BRANCH=main
TEST=stop trunksd; tpmc pcrread 999999999999999999999

Signed-off-by: Evan Green <evgreen@chromium.org>
Change-Id: Idefec979d5cf6ab8a83da8654ed5591158807395
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/2893695
Reviewed-by: Andrey Pronin <apronin@chromium.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
1 file changed
tree: 99b5c3be76c59ecc6b6dfe2213722dcb954351dc
  1. cgpt/
  2. firmware/
  3. futility/
  4. host/
  5. scripts/
  6. tests/
  7. utility/
  8. .clang-format
  9. .gitignore
  10. Android.mk
  11. emerge_test.sh
  12. LICENSE
  13. Makefile
  14. OWNERS
  15. PRESUBMIT.cfg
  16. README
  17. unblocked_terms.txt
  18. vboot_host.pc.in