Vicky Lo
2014-10-23 21:30:59 UTC
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Trousers".
The branch, master has been updated
via c812ff1632bd8eb55f26770d6c3ad13776c06d12 (commit)
via a4706485a68808a03a38384887faf6b94e2171b1 (commit)
via 092b972d57901a086a806f2a9f4d689e0f2a7432 (commit)
from a6df7c64ee57971974f3fe264f76645ad50d874f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers;a=commitdiff;h=c812ff1632bd8eb55f26770d6c3ad13776c06d12
commit c812ff1632bd8eb55f26770d6c3ad13776c06d12
Merge: 092b972 a470648
Author: Hon Ching Lo <***@gmail.com>
Date: Tue Sep 30 21:38:41 2014 -0400
Merge branch 'tspi_pci' into develop
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers;a=commitdiff;h=a4706485a68808a03a38384887faf6b94e2171b1
commit a4706485a68808a03a38384887faf6b94e2171b1
Author: Hon Ching Lo <***@gmail.com>
Date: Tue Sep 30 21:08:14 2014 -0400
[PATCH] Enable GetCompositeHash for PCRS_STRUCT_INFO (v1.1)
Tested-by: Richard Maciel<***@linux.vnet.ibm.com>
Signed-off by: Andreas Fuchs <***@sit.fraunhofer.de>
Acked-by: Hon Ching Lo <***@gmail.com>
diff --git a/src/tspi/obj_pcrs.c b/src/tspi/obj_pcrs.c
index 4430300..6476e5c 100644
--- a/src/tspi/obj_pcrs.c
+++ b/src/tspi/obj_pcrs.c
@@ -360,8 +360,13 @@ obj_pcrs_get_digest_at_release(TSS_HPCRS hPcrs, UINT32 *size, BYTE **out)
switch(pcrs->type) {
case TSS_PCRS_STRUCT_INFO:
+#ifdef TSS_SPEC_COMPLIANCE
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
goto done;
+#else
+ digest = (BYTE *)&pcrs->info.info11.digestAtRelease;
+ break;
+#endif
case TSS_PCRS_STRUCT_INFO_SHORT:
digest = (BYTE *)&pcrs->info.infoshort.digestAtRelease;
break;
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers;a=commitdiff;h=092b972d57901a086a806f2a9f4d689e0f2a7432
commit 092b972d57901a086a806f2a9f4d689e0f2a7432
Author: Hon Ching Lo <***@2014@gmail.com>
Date: Tue Sep 30 17:18:25 2014 -0400
Fix for an exploitable local denial of service in tcsd
Reported-by: Peter Huewe <***@gmx.de>
Tested-by: Peter Huewe <***@gmx.de>
Signed-off-by: Andreas Fuchs <***@sit.fraunhofer.de>
Acked-by: Hon Ching Lo <***@gmail.com>
diff --git a/src/tcsd/tcsd_threads.c b/src/tcsd/tcsd_threads.c
index e97f649..9fd8f9f 100644
--- a/src/tcsd/tcsd_threads.c
+++ b/src/tcsd/tcsd_threads.c
@@ -165,7 +165,8 @@ out:
/* cleanup in case of error */
if (rc != TCS_SUCCESS) {
if (hostname != NULL) {
- tm->thread_data[thread_num].hostname = NULL;
+ if (thread_num != -1)
+ tm->thread_data[thread_num].hostname = NULL;
free(hostname);
}
close(socket);
diff --git a/src/tspi/obj_pcrs.c b/src/tspi/obj_pcrs.c
index 4430300..6476e5c 100644
--- a/src/tspi/obj_pcrs.c
+++ b/src/tspi/obj_pcrs.c
@@ -360,8 +360,13 @@ obj_pcrs_get_digest_at_release(TSS_HPCRS hPcrs, UINT32 *size, BYTE **out)
switch(pcrs->type) {
case TSS_PCRS_STRUCT_INFO:
+#ifdef TSS_SPEC_COMPLIANCE
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
goto done;
+#else
+ digest = (BYTE *)&pcrs->info.info11.digestAtRelease;
+ break;
+#endif
case TSS_PCRS_STRUCT_INFO_SHORT:
digest = (BYTE *)&pcrs->info.infoshort.digestAtRelease;
break;
-----------------------------------------------------------------------
Summary of changes:
src/tcsd/tcsd_threads.c | 3 ++-
src/tspi/obj_pcrs.c | 5 +++++
2 files changed, 7 insertions(+), 1 deletions(-)
hooks/post-receive
generated because a ref change was pushed to the repository containing
the project "Trousers".
The branch, master has been updated
via c812ff1632bd8eb55f26770d6c3ad13776c06d12 (commit)
via a4706485a68808a03a38384887faf6b94e2171b1 (commit)
via 092b972d57901a086a806f2a9f4d689e0f2a7432 (commit)
from a6df7c64ee57971974f3fe264f76645ad50d874f (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers;a=commitdiff;h=c812ff1632bd8eb55f26770d6c3ad13776c06d12
commit c812ff1632bd8eb55f26770d6c3ad13776c06d12
Merge: 092b972 a470648
Author: Hon Ching Lo <***@gmail.com>
Date: Tue Sep 30 21:38:41 2014 -0400
Merge branch 'tspi_pci' into develop
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers;a=commitdiff;h=a4706485a68808a03a38384887faf6b94e2171b1
commit a4706485a68808a03a38384887faf6b94e2171b1
Author: Hon Ching Lo <***@gmail.com>
Date: Tue Sep 30 21:08:14 2014 -0400
[PATCH] Enable GetCompositeHash for PCRS_STRUCT_INFO (v1.1)
Tested-by: Richard Maciel<***@linux.vnet.ibm.com>
Signed-off by: Andreas Fuchs <***@sit.fraunhofer.de>
Acked-by: Hon Ching Lo <***@gmail.com>
diff --git a/src/tspi/obj_pcrs.c b/src/tspi/obj_pcrs.c
index 4430300..6476e5c 100644
--- a/src/tspi/obj_pcrs.c
+++ b/src/tspi/obj_pcrs.c
@@ -360,8 +360,13 @@ obj_pcrs_get_digest_at_release(TSS_HPCRS hPcrs, UINT32 *size, BYTE **out)
switch(pcrs->type) {
case TSS_PCRS_STRUCT_INFO:
+#ifdef TSS_SPEC_COMPLIANCE
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
goto done;
+#else
+ digest = (BYTE *)&pcrs->info.info11.digestAtRelease;
+ break;
+#endif
case TSS_PCRS_STRUCT_INFO_SHORT:
digest = (BYTE *)&pcrs->info.infoshort.digestAtRelease;
break;
http://trousers.git.sourceforge.net/git/gitweb.cgi?p=trousers/trousers;a=commitdiff;h=092b972d57901a086a806f2a9f4d689e0f2a7432
commit 092b972d57901a086a806f2a9f4d689e0f2a7432
Author: Hon Ching Lo <***@2014@gmail.com>
Date: Tue Sep 30 17:18:25 2014 -0400
Fix for an exploitable local denial of service in tcsd
Reported-by: Peter Huewe <***@gmx.de>
Tested-by: Peter Huewe <***@gmx.de>
Signed-off-by: Andreas Fuchs <***@sit.fraunhofer.de>
Acked-by: Hon Ching Lo <***@gmail.com>
diff --git a/src/tcsd/tcsd_threads.c b/src/tcsd/tcsd_threads.c
index e97f649..9fd8f9f 100644
--- a/src/tcsd/tcsd_threads.c
+++ b/src/tcsd/tcsd_threads.c
@@ -165,7 +165,8 @@ out:
/* cleanup in case of error */
if (rc != TCS_SUCCESS) {
if (hostname != NULL) {
- tm->thread_data[thread_num].hostname = NULL;
+ if (thread_num != -1)
+ tm->thread_data[thread_num].hostname = NULL;
free(hostname);
}
close(socket);
diff --git a/src/tspi/obj_pcrs.c b/src/tspi/obj_pcrs.c
index 4430300..6476e5c 100644
--- a/src/tspi/obj_pcrs.c
+++ b/src/tspi/obj_pcrs.c
@@ -360,8 +360,13 @@ obj_pcrs_get_digest_at_release(TSS_HPCRS hPcrs, UINT32 *size, BYTE **out)
switch(pcrs->type) {
case TSS_PCRS_STRUCT_INFO:
+#ifdef TSS_SPEC_COMPLIANCE
result = TSPERR(TSS_E_INVALID_OBJ_ACCESS);
goto done;
+#else
+ digest = (BYTE *)&pcrs->info.info11.digestAtRelease;
+ break;
+#endif
case TSS_PCRS_STRUCT_INFO_SHORT:
digest = (BYTE *)&pcrs->info.infoshort.digestAtRelease;
break;
-----------------------------------------------------------------------
Summary of changes:
src/tcsd/tcsd_threads.c | 3 ++-
src/tspi/obj_pcrs.c | 5 +++++
2 files changed, 7 insertions(+), 1 deletions(-)
hooks/post-receive
--
Trousers
------------------------------------------------------------------------------
Trousers
------------------------------------------------------------------------------