Auth input: Check for NULL termination

When reading auths from a file, add a check that they are NULL terminated. Signed-off-by: Andreas Fuchs <[email protected]>
AndreasFuchsTPM · Jan 31, 2024 · ef052c8 · ef052c8
1 parent 8d24dfa
commit ef052c8
Showing 1 changed file with 7 additions and 0 deletions.
diff --git a/lib/tpm2_auth_util.c b/lib/tpm2_auth_util.c
@@ -118,6 +118,13 @@ static tool_rc get_auth_for_file_param(const char* password, TPM2B_AUTH *auth) {
         size = read;
     }
 
+    /* Check that the buffer is actually \0 terminated */
+    if (buffer[size - i] != '\0') {
+        LOG_ERR("Password content is not Null terminated.");
+        free(buffer);
+        return tool_rc_general_error;
+    }
+
     /* bash here strings and many commands add a trailing newline, if its stdin, kill the newline */
     size_t i;
     for (i = size; i >=  1; i -= 1) {