summaryrefslogtreecommitdiff
path: root/src/lib/tpm2_marshaling.h
diff options
context:
space:
mode:
authorVadim Bendebury <vbendeb@chromium.org>2016-07-07 10:52:46 -0700
committerMartin Roth <martinroth@google.com>2016-07-13 23:58:32 +0200
commitbc927107a062ca791ffb4a4f593049a7219b5a07 (patch)
tree31d7196e9dc33539ddfeb3fc770ba711c49a747a /src/lib/tpm2_marshaling.h
parent03e4472e179c51a43498533b90a49234e15a335b (diff)
tpm2: avoid comparison between signed and unsigned ints
The marshaling/unmarshaling code is using integer values to represent room left in the buffer, to be able to communicate three conditions: positive number means there is room left in the buffer, zero means that the exact amount of data in the buffer was unmarshaled and negative value means that the result of the operation did not fit into the buffer. The implementation is wrong though, as it compares directly signed and unsigned values, which is illegal, as signed values get promoted to unsigned by the compiler. This patch changes the marshaling code to use size_t for the size, and use zero as marshaling failure indication - after all the buffer where the data is marshaled to should definitely be large enough, and it is reasonable to expect at least some room left in it after marshaling. The unmarshaling situation is different: we sure want to communicate errors to the caller, but do not want to propagate error return values through multiple layers. This patch keeps the size value in int, but checks if it is negative separately, before comparing with positive values. BRANCH=none BUG=chrome-os-partner:50645 TEST=with the rest of the patches applied kevin successfully boots up. Change-Id: Ibfbd1b351e35e37c8925a78d095e4e8492805bad Signed-off-by: Martin Roth <martinroth@chromium.org> Original-Commit-Id: b1e862c2a650fa5f6cb25a01fe61e848a696cf17 Original-Change-Id: Ie7552b333afaff9a1234c948caf9d9a64447b2e1 Original-Signed-off-by: Vadim Bendebury <vbendeb@chromium.org> Original-Reviewed-on: https://chromium-review.googlesource.com/358772 Original-Reviewed-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://review.coreboot.org/15610 Tested-by: build bot (Jenkins) Reviewed-by: Patrick Georgi <pgeorgi@google.com>
Diffstat (limited to 'src/lib/tpm2_marshaling.h')
-rw-r--r--src/lib/tpm2_marshaling.h4
1 files changed, 2 insertions, 2 deletions
diff --git a/src/lib/tpm2_marshaling.h b/src/lib/tpm2_marshaling.h
index 69a345d731..e177d0609a 100644
--- a/src/lib/tpm2_marshaling.h
+++ b/src/lib/tpm2_marshaling.h
@@ -25,7 +25,7 @@
*
*/
int tpm_marshal_command(TPM_CC command, void *tpm_command_body,
- void *buffer, int buffer_size);
+ void *buffer, size_t buffer_size);
/**
* tpm_unmarshal_response
@@ -44,6 +44,6 @@ int tpm_marshal_command(TPM_CC command, void *tpm_command_body,
*/
struct tpm2_response *tpm_unmarshal_response(TPM_CC command,
void *response_body,
- int response_size);
+ size_t response_size);
#endif // __SRC_LIB_TPM2_MARSHALING_H