> BTW, I think there should be some note around about optimization levels... I > guess -O3 (-O2 ?) > would remove this check... (Just in case anyone ever has bugs in this area...)
We by default go with -O2, but why would this be removed in O3? > What would the expected behavior for *pEventCount == 0 be ? > In my tests, I got 0 Events back. Or does 0 equal MAX ? The Spec does not > mention this... > (as it has quite some pieces missing regarding events in pcr-extend > anyways...) I'd just returned TSS_SUCCESS and 0 events. I'm treating 0xffffffff as MAX here... > On a different note, what's the preferred way to report Bugs+Patches but also > for feature-additions > to tpm-tools (as there may be some I might be allowed to publish sooner or > later) ? > The mailinglist or Bug-Report entries ? Please use the bug/feature trackers. Either will get my attention but the tracking is better for stuff in the trackers. Thanks, Kent > Cheers, > Andreas > > ________________________________________ > Von: Kent Yoder [[email protected]] > Gesendet: Dienstag, 7. Mai 2013 21:54 > An: Fuchs, Andreas > Cc: [email protected] > Betreff: Re: [TrouSerS-tech] [Patch] Non-critical integer-overflow in > GetEvent-Handling > > Hi Andreas, > > On Tue, May 7, 2013 at 10:22 AM, Fuchs, Andreas > <[email protected]> wrote: >> Hi list... >> >> Happy to join you... >> >> Attached you find a patch that resolves an integer-overflow. >> It hits when you request UINT32_MAX events starting at a non-Zero-Index. > > Thanks for the bug report! I'm hoping we can reduce the logic down > a bit in the fix. Does this look like it will work to you? > > if ((FirstEvent + *pEventCount) >= FirstEvent && (FirstEvent + > *pEventCount) >= *pEventCount) > lastEventNumber = MIN(lastEventNumber, FirstEvent + *pEventCount); > > Else we leave lastEventNumber as is. It also looks like I'm missing a > check if *pEventCount == 0 in this function, which I'll add. > > Kent > >> Cheers, >> Andreas >> ------------------------------------------------------------------------------ >> Learn Graph Databases - Download FREE O'Reilly Book >> "Graph Databases" is the definitive new guide to graph databases and >> their applications. This 200-page book is written by three acclaimed >> leaders in the field. The early access version is available now. >> Download your free book today! http://p.sf.net/sfu/neotech_d2d_may >> _______________________________________________ >> TrouSerS-tech mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/trousers-tech >> ------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. This 200-page book is written by three acclaimed leaders in the field. The early access version is available now. Download your free book today! http://p.sf.net/sfu/neotech_d2d_may _______________________________________________ TrouSerS-tech mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/trousers-tech
