Message ID | 20241102102737.107531-1-heinrich.schuchardt@canonical.com |
---|---|
State | Accepted |
Commit | 6c717d952d455d2efc267496fa9797a656459e6f |
Delegated to: | Ilias Apalodimas |
Headers | show |
Series | [1/1] tpm: use memmove() for overlapping buffers | expand |
On Sat, 2 Nov 2024 at 12:27, Heinrich Schuchardt <heinrich.schuchardt@canonical.com> wrote: > > The behavior of memcpy() for overlapping buffers is undefined. > > Fixes: 4c57ec76b725 ("tpm: Implement state command for Cr50") > Addresses-Coverity-ID: 356664 Overlapping buffer in memory copy > Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> > --- > lib/tpm-v2.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c > index 59e6cbafafa..ad2b5ab0c32 100644 > --- a/lib/tpm-v2.c > +++ b/lib/tpm-v2.c > @@ -821,7 +821,7 @@ u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd, > if (*recv_size < 12) > return -ENODATA; > *recv_size -= 12; > - memcpy(recvbuf, recvbuf + 12, *recv_size); > + memmove(recvbuf, recvbuf + 12, *recv_size); > > return 0; > } > -- > 2.45.2 > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c index 59e6cbafafa..ad2b5ab0c32 100644 --- a/lib/tpm-v2.c +++ b/lib/tpm-v2.c @@ -821,7 +821,7 @@ u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd, if (*recv_size < 12) return -ENODATA; *recv_size -= 12; - memcpy(recvbuf, recvbuf + 12, *recv_size); + memmove(recvbuf, recvbuf + 12, *recv_size); return 0; }
The behavior of memcpy() for overlapping buffers is undefined. Fixes: 4c57ec76b725 ("tpm: Implement state command for Cr50") Addresses-Coverity-ID: 356664 Overlapping buffer in memory copy Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> --- lib/tpm-v2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)