Coverity scan #3359

Merged

Conversation

AndreasFuchsTPM
Member

No description provided.

ajaykish and others added 30 commits September 26, 2023 04:15

Signed-off-by: Ajay Kishore <[email protected]>
Added safe directory in config to fix dubious ownership
in repository error.

Signed-off-by: Ajay Kishore <[email protected]>
    - Add safe directory in config

Signed-off-by: Ajay Kishore <[email protected]>
Ajay Kishore is added to the maintainers file.

Signed-off-by: Juergen Repp <[email protected]>
fix syntax error (a space character is missing) making the test not ending correctly

Signed-off-by: lcharpentier-stm <[email protected]>
When tpm2 is placed behind a wrapper, or if not immediately in the PATH,
the argv0 may be the full path to the binary.

This commit reworks the parsing of the argv0 to only read from its
basename.

Signed-off-by: Arthur Gautier <[email protected]>
The last example does not work if a resource manager is used.
Thus the option -Tdevice:/dev/tpm0 is added to the commands.

Signed-off-by: Juergen Repp <[email protected]>
Different padding versions are tested until one is successful.
An integration test with rsapss padding is added.
Addresses: tpm2-software#3283.

Signed-off-by: Juergen Repp <[email protected]>
ek_uri was not freed if get_ek_server_address failed.

Signed-off-by: Juergen Repp <[email protected]>
An example with an appropriate algorithm parameter was added.

Signed-off-by: Juergen Repp <[email protected]>
A command that should work with no options would fail:

./tools/tpm2 nvdefine
ERROR:esys:src/tss2-esys/api/Esys_GetCapability.c:164:Esys_GetCapability_Async() esyscontext is NULL.
ERROR:esys:src/tss2-esys/api/Esys_GetCapability.c:83:Esys_GetCapability() Error in async function ErrorCode (0x00070005)
ERROR: Esys_NV_ReadPublic(0x70005) - esapi:A pointer is NULL that isn't allowed to be NULL.
ERROR: Unable to run nvdefine

The handling for the optional and fake TCTI states would get conflated
and not initialize an ESAPI context. Clean up the handling and make
supporting a fake TCTI its own option bit to make it less confusing to
code.

After this the tool works as expected:
./tools/tpm2 nvdefine
nv-index: 0x1000000

Fixes: tpm2-software#3314
Signed-off-by: Bill Roberts <[email protected]>
Fixes:
./tools/tpm2 nvread
WARN: Reading full size of the NV index
ERROR: object string is empty
ERROR: Invalid handle authorization.
ERROR: Unable to run nvread

with:
./tools/tpm2 nvread
ERROR: Must specify NV index argument
Usage: nvread [<options>] <arguments>
Where <options> are:
    [ -C | --hierarchy=<value>] [ -o | --output=<value>] [ -s | --size=<value>] [ --offset=<value>]
    [ --cphash=<value>] [ --rphash=<value>] [ -n | --name=<value>] [ -P | --auth=<value>]
    [ -S | --session=<value>] [ --print-yaml]

Signed-off-by: Bill Roberts <[email protected]>
tpm2_tool.c did not compile without the include libgen.h on netbsd.
Fixes: tpm2-software#3321

Signed-off-by: Juergen Repp <[email protected]>
If continue session was disabled an error did occur in the function for
restoring the session context.
Now after usage of a session with continue session disabled the
context will not be saved and the session context file will be
deleted.
In one integration test continue session is now disabled and the
flush for this session is removed.

Fixes: tpm2-software#3295

Signed-off-by: Juergen Repp <[email protected]>
If efivar.h exists a pretty print function for the DevicePath
is executed. Therefore two yaml test files are needed for
the bin test file uefiservices.
Fixes tpm2-software#3302.

Signed-off-by: Juergen Repp <[email protected]>
This behavior would not be backwards compat, but this patch does the
bare minimum so we can just revert it on the next major release.

Signed-off-by: Bill Roberts <[email protected]>
If an input file is shorter than the size expressed in the
command header, then we will not do a correct abort.
The fix is to also call feof() and error out.

Signed-off-by: Andreas Fuchs <[email protected]>
Signed-off-by: Bill Roberts <[email protected]>
For all eventlog files a raw and pretty print yaml format is created.
These files are copied depending on the existence of efivar.h
Fixes: tpm2-software#3327

Signed-off-by: Juergen Repp <[email protected]>
Fixes the test on BE machines by making the pointers const and thus not
needing to check if underlying function is modifying things by checking
the expected LE output of casting a BE scalar. Make it all const
interface and let the compiler enforce that idiom.

Signed-off-by: Bill Roberts <[email protected]>
* The tss compilation with tcti-libtpms is currently not possible
for FreeBSD.
* pandoc will be installed.

Signed-off-by: Juergen Repp <[email protected]>
Ubuntu 18.04 will not be supported for the next tss version.
Thus Ubuntu 18.04 has to be removed from the tool CI for
master-tss-build-test.

Signed-off-by: Juergen Repp <[email protected]>
Bumps [jinja2](https://github.com/pallets/jinja) from 3.0.3 to 3.1.3.
- [Release notes](https://github.com/pallets/jinja/releases)
- [Changelog](https://github.com/pallets/jinja/blob/main/CHANGES.rst)
- [Commits](pallets/jinja@3.0.3...3.1.3)

---
updated-dependencies:
- dependency-name: jinja2
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
configure scripts need to be runnable with a POSIX-compliant /bin/sh.

On many (but not all!) systems, /bin/sh is provided by Bash, so errors
like this aren't spotted. Notably Debian defaults to /bin/sh provided
by dash which doesn't tolerate such bashisms as '=='.

This retains compatibility with bash.

Fixes configure warnings/errors like:
```
checking for libcurl... yes
./configure: 15201: test: xauto: unexpected operator
./configure: 15286: test: xauto: unexpected operator
checking for efivar/efivar.h... yes
```

This fixes a build error later on too:
```
/usr/lib/gcc/x86_64-pc-linux-gnu/14/../../../../x86_64-pc-linux-gnu/bin/ld: lib/libcommon.a(libcommon_a-tpm2_eventlog_yaml.o): in function `yaml_devicepath':
tpm2_eventlog_yaml.c:(.text.yaml_devicepath+0x2f): undefined reference to `efidp_format_device_path'
/usr/lib/gcc/x86_64-pc-linux-gnu/14/../../../../x86_64-pc-linux-gnu/bin/ld: tpm2_eventlog_yaml.c:(.text.yaml_devicepath+0x61): undefined reference to `efidp_format_device_path'
```

Bug: https://bugs.gentoo.org/922592
Signed-off-by: Sam James <[email protected]>
If the environment variable TPM2TOOLS_AUTOFLUSH exists transient
objects will be removed after they were saved and stored to disk.
Also a transient parent will be removed if a context file for
this parent was used by this command.
For the commands which will check the autoflush also an option
-R is added to enable the autoflush independent from the environment
variable.
-R was added to several commands in one integration test.
Addresses: tpm2-software#1511

Signed-off-by: Juergen Repp <[email protected]>
To fix the error "Config validation error in build.os. Value build not found".

Signed-off-by: Juergen Repp <[email protected]>
When reading auths from a file, make sure they are 0-terminated.

Signed-off-by: Andreas Fuchs <[email protected]>
The format directive %lu for size_t could not be compiled on 32 bit
systems. %zu is now used instead of %l

Signed-off-by: Juergen Repp <[email protected]>
JuergenReppSIT and others added 4 commits February 14, 2024 16:06
gcc version 10.2.1 on Raspbian 10.2.1 did produce the compile error
"may be used uninitialized". The error was not possible. To enable
compilation the affected variable is initialized.

Signed-off-by: Juergen Repp <[email protected]>
The function tpm2_util_env_yes did check the name of the variable instead of the value.
Fixes: tpm2-software#3353

Signed-off-by: Juergen Repp <[email protected]>
The function load_public_RSA_from_key did not allow key size 3072.

Signed-off-by: Juergen Repp <[email protected]>
@AndreasFuchsTPM AndreasFuchsTPM merged commit 292cff5 into tpm2-software:coverity_scan Feb 21, 2024
33 of 34 checks passed
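
One of the commits above handles an input file that is shorter than the size declared in its command header by also calling feof() and erroring out. The sketch below is an added example, not code from tpm2-tools: `read_command`, `parse_prefix`, the `CMD_*` codes and `SAMPLE` are hypothetical names, and the only layout assumed is the 10-byte TPM 2.0 command header with a big-endian total size at offset 2.

```c
#include <stdint.h>
#include <stdio.h>

#define HDR_LEN 10u /* tag (2) + commandSize (4) + commandCode (4) */
enum { CMD_OK = 0, CMD_BAD_SIZE = -1, CMD_TRUNCATED = -2, CMD_IO_ERROR = -3 };

/* Hypothetical helper: read one command whose total length is declared
 * big-endian at offset 2 of its header. A short fread() is classified with
 * feof()/ferror() so a truncated file is rejected, never used half-filled. */
static int read_command(FILE *f, uint8_t *buf, size_t cap, size_t *len)
{
    if (cap < HDR_LEN)
        return CMD_BAD_SIZE;
    if (fread(buf, 1, HDR_LEN, f) != HDR_LEN)
        return ferror(f) ? CMD_IO_ERROR : CMD_TRUNCATED;

    uint32_t size = ((uint32_t)buf[2] << 24) | ((uint32_t)buf[3] << 16) |
                    ((uint32_t)buf[4] << 8) | (uint32_t)buf[5];
    if (size < HDR_LEN || size > cap)
        return CMD_BAD_SIZE;
    size_t want = size - HDR_LEN;
    if (fread(buf + HDR_LEN, 1, want, f) != want)
        return feof(f) ? CMD_TRUNCATED : CMD_IO_ERROR;
    *len = size;
    return CMD_OK;
}

/* Constructed sample: TPM2_GetRandom requesting 8 bytes, 12 bytes in total. */
static const uint8_t SAMPLE[12] = { 0x80, 0x01, 0, 0, 0, 12,
                                    0, 0, 0x01, 0x7B, 0x00, 0x08 };

/* Write the first n bytes of src to a temporary file and parse that file. */
static int parse_prefix(const uint8_t *src, size_t n)
{
    uint8_t buf[4096];
    size_t len = 0;
    FILE *f = tmpfile();
    if (f == NULL || fwrite(src, 1, n, f) != n)
        return CMD_IO_ERROR;
    rewind(f);
    int rc = read_command(f, buf, sizeof buf, &len);
    fclose(f);
    return rc;
}

int main(void)
{
    printf("complete=%d truncated=%d\n", parse_prefix(SAMPLE, 12), parse_prefix(SAMPLE, 11));
    return 0;
}
```

Dropping a single trailing byte from the sample is enough to turn the result from `CMD_OK` into `CMD_TRUNCATED`, which is the case the commit describes.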