On Thu, Nov 08, 2018 at 05:03:29PM +0000, Winkler, Tomas wrote:
> You initialized cc under if only 
> > +
> > +           i = tpm2_find_cc(chip, cc);
> > +           if (i < 0) {
> > +                   dev_dbg(&chip->dev, "0x%04X is an invalid
> > command\n",
> > +                           cc);
> > +                   return -EOPNOTSUPP;
> > +           }
> > +
> > +           attrs = chip->cc_attrs_tbl[i];
> > +           nr_handles =
> > +                   4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) &
> > GENMASK(2, 0));
> > +           if (len < TPM_HEADER_SIZE + 4 * nr_handles)
> > +                   goto err_len;
> > +   }
> > +
> > +   return cc;
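
Review bot: the length check scales by 4 twice. nr_handles is already assigned 4 * ((attrs >> TPM2_CC_ATTR_CHANDLES) & GENMASK(2, 0)), and the comparison then uses TPM_HEADER_SIZE + 4 * nr_handles, so the command must be 16 bytes longer per handle rather than 4, and a correctly sized command with handles can be sent to err_len. Either keep nr_handles as a plain count and leave the 4 * in the comparison, or keep the assignment and compare against TPM_HEADER_SIZE + nr_handles.
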
> You can return uninitialized cc here.

Thanks, good catch.

/Jarkko
