Skip to content

Commit

Permalink
FAPI: Fix missing scanf checks.
Browse files Browse the repository at this point in the history 
In several cases the return value of scanf was not checked.
Thus afterwards acces to variables not initialized was possible.

Signed-off-by: Juergen Repp <juergen_repp@web.de>
  • Loading branch information
@JuergenReppSIT
JuergenReppSIT committed Oct 31, 2024
1 parent 1c084b0 commit c51e66c
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions src/tss2-fapi/ifapi_helpers.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -85,8 +85,8 @@ ifapi_set_key_flags(const char *type, bool policy, IFAPI_KEY_TEMPLATE *template)
} else if (strcasecmp(flag, "noda") == 0) {
attributes |= TPMA_OBJECT_NODA;
} else if (strncmp(flag, "0x", 2) == 0) {
sscanf(&flag[2], "%"SCNx32 "%n", &handle, &pos);
if ((size_t)pos != strlen(flag) - 2) {
if (sscanf(&flag[2], "%"SCNx32 "%n", &handle, &pos) < 1 ||
(size_t)pos != strlen(flag) - 2) {
goto_error(r, TSS2_FAPI_RC_BAD_VALUE, "Invalid flag: %s",
error, flag);
}
Expand Down Expand Up @@ -182,8 +182,8 @@ ifapi_set_nv_flags(const char *type, IFAPI_NV_TEMPLATE *template,
} else if (strcasecmp(flag, "noda") == 0) {
attributes |= TPMA_NV_NO_DA;
} else if (strncmp(flag, "0x", 2) == 0) {
sscanf(&flag[2], "%"SCNx32 "%n", &handle, &pos);
if ((size_t)pos != strlen(flag) - 2) {
if (sscanf(&flag[2], "%"SCNx32 "%n", &handle, &pos) < 1 ||
(size_t)pos != strlen(flag) - 2) {
goto_error(r, TSS2_FAPI_RC_BAD_VALUE, "Invalid flag: %s",
error, flag);
}
Expand Down

0 comments on commit c51e66c

Please sign in to comment.