Hi Kent, sure, logics look good... The reason I expressed it as I did was to emphasis the overflow-nature of the check... But I guess that's a matter of personal preference. Adjust as suites the coding style of the rest... BTW, I think there should be some note around about optimization levels... I guess -O3 (-O2 ?) would remove this check... (Just in case anyone ever has bugs in this area...)
What would the expected behavior for *pEventCount == 0 be ? In my tests, I got 0 Events back. Or does 0 equal MAX ? The Spec does not mention this... (as it has quite some pieces missing regarding events in pcr-extend anyways...) On a different note, what's the preferred way to report Bugs+Patches but also for feature-additions to tpm-tools (as there may be some I might be allowed to publish sooner or later) ? The mailinglist or Bug-Report entries ? Cheers, Andreas ________________________________________ Von: Kent Yoder [[email protected]] Gesendet: Dienstag, 7. Mai 2013 21:54 An: Fuchs, Andreas Cc: [email protected] Betreff: Re: [TrouSerS-tech] [Patch] Non-critical integer-overflow in GetEvent-Handling Hi Andreas, On Tue, May 7, 2013 at 10:22 AM, Fuchs, Andreas <[email protected]> wrote: > Hi list... > > Happy to join you... > > Attached you find a patch that resolves an integer-overflow. > It hits when you request UINT32_MAX events starting at a non-Zero-Index. Thanks for the bug report! I'm hoping we can reduce the logic down a bit in the fix. Does this look like it will work to you? if ((FirstEvent + *pEventCount) >= FirstEvent && (FirstEvent + *pEventCount) >= *pEventCount) lastEventNumber = MIN(lastEventNumber, FirstEvent + *pEventCount); Else we leave lastEventNumber as is. It also looks like I'm missing a check if *pEventCount == 0 in this function, which I'll add. Kent > Cheers, > Andreas > ------------------------------------------------------------------------------ > Learn Graph Databases - Download FREE O'Reilly Book > "Graph Databases" is the definitive new guide to graph databases and > their applications. This 200-page book is written by three acclaimed > leaders in the field. The early access version is available now. > Download your free book today! http://p.sf.net/sfu/neotech_d2d_may > _______________________________________________ > TrouSerS-tech mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/trousers-tech > ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
