Skip to content

Commit

Permalink
FAPI: Add missing error check for json object add functions
Browse files Browse the repository at this point in the history 
It was not checked whether the return code is equal 0 for the
functions json_object_array_add and json_object_object_add.

Signed-off-by: Juergen Repp <juergen_repp@web.de>
  • Loading branch information
@JuergenReppSIT
JuergenReppSIT committed Jan 15, 2024
1 parent a7da221 commit 50b7608
Show file tree
Hide file tree
Showing 7 changed files with 1,002 additions and 334 deletions.
44 changes: 33 additions & 11 deletions src/tss2-fapi/ifapi_ima_eventlog.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -80,7 +80,9 @@ get_json_content(json_object *jso, json_object **jso_sub) {
if (!ifapi_get_sub_object(jso, CONTENT, jso_sub)) {
*jso_sub = json_object_new_object();
return_if_null(*jso_sub, "Out of memory.", TSS2_FAPI_RC_MEMORY);
json_object_object_add(jso, CONTENT, *jso_sub);
if (json_object_object_add(jso, CONTENT, *jso_sub)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
}
return TSS2_RC_SUCCESS;
}
Expand All @@ -105,7 +107,9 @@ add_uint8_ary_to_json(UINT8 *buffer, UINT32 size, json_object *jso, const char *
SAFE_FREE(hex_string)
return_if_null(jso_byte_string, "Out of memory", TSS2_FAPI_RC_MEMORY);

json_object_object_add(jso, jso_tag, jso_byte_string);
if (json_object_object_add(jso, jso_tag, jso_byte_string)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand All @@ -120,7 +124,9 @@ add_string_to_json(const char *string, json_object *jso, const char *jso_tag)
jso_string = json_object_new_string(string);
return_if_null(jso_string, "Out of memory", TSS2_FAPI_RC_MEMORY);

json_object_object_add(jso, jso_tag, jso_string);
if (json_object_object_add(jso, jso_tag, jso_string)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand All @@ -134,7 +140,9 @@ add_number_to_json(UINT32 number, json_object *jso, const char *jso_tag)
jso_number = json_object_new_int64(number);
return_if_null(jso_number, "Out of memory", TSS2_FAPI_RC_MEMORY);

json_object_object_add(jso, jso_tag, jso_number);
if (json_object_object_add(jso, jso_tag, jso_number)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down Expand Up @@ -178,14 +186,20 @@ set_ff_digest(json_object *jso) {
jso_digest_type = json_object_new_string ("sha1");
goto_if_null(jso_digest_type, "Out of memory.", TSS2_FAPI_RC_MEMORY, error);

json_object_object_add(jso_digest, "hashAlg", jso_digest_type);
if (json_object_object_add(jso_digest, "hashAlg", jso_digest_type)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso_ary = json_object_new_array();
goto_if_null(jso_ary, "Out of memory.", TSS2_FAPI_RC_MEMORY, error);

json_object_array_add(jso_ary, jso_digest);
if (json_object_array_add(jso_ary, jso_digest)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
json_object_object_del(jso, "digests");
json_object_object_add(jso, "digests", jso_ary);
if (json_object_object_add(jso, "digests", jso_ary)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;

error:
Expand Down Expand Up @@ -397,13 +411,19 @@ event_header_json_cb(
jso_digest_type = json_object_new_string (hash_name);
return_if_null(jso_digest_type, "Out of memory.", TSS2_FAPI_RC_MEMORY);

json_object_object_add(jso_digest, "hashAlg", jso_digest_type);
if (json_object_object_add(jso_digest, "hashAlg", jso_digest_type)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso_ary = json_object_new_array();
return_if_null(jso_ary, "Out of memory.", TSS2_FAPI_RC_MEMORY);

json_object_array_add(jso_ary, jso_digest);
json_object_object_add(*jso, "digests", jso_ary);
if (json_object_array_add(jso_ary, jso_digest)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
if (json_object_object_add(*jso, "digests", jso_ary)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

r = add_uint8_ary_to_json(digest, digest_size, jso_digest, "digest");
return_if_error(r, "Add digest to json");
Expand All @@ -417,7 +437,9 @@ event_header_json_cb(
r = add_string_to_json(ima_type, jso_content, "template_name");
return_if_error(r, "Add number to json object.");

json_object_array_add(jso_list, *jso);
if (json_object_array_add(jso_list, *jso)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down
100 changes: 75 additions & 25 deletions src/tss2-fapi/ifapi_json_eventlog_serialize.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,9 @@ add_string_to_json(const char *string, json_object *jso, const char *jso_tag)
jso_string = json_object_new_string(string);
return_if_null(jso_string, "Out of memory", TSS2_FAPI_RC_MEMORY);

json_object_object_add(jso, jso_tag, jso_string);
if (json_object_object_add(jso, jso_tag, jso_string)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down Expand Up @@ -194,14 +196,18 @@ TSS2_RC ifapi_json_TCG_DIGEST2_serialize(const TCG_DIGEST2 *in, json_object **js
r = ifapi_json_TPM2_ALG_ID_serialize(in->AlgorithmId, &jso2);
return_if_jso_error(r, "Serialize hash algorithm", jso2);

json_object_object_add(*jso, "hashAlg", jso2);
if (json_object_object_add(*jso, "hashAlg", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
jso2 = NULL;

size = ifapi_hash_get_digest_size(in->AlgorithmId);
r = ifapi_json_BYTE_ARY_serialize(&in->Digest[0], size, &jso2);
return_if_jso_error(r, "Serialize UINT8", jso2);

json_object_object_add(*jso, "digest", jso2);
if (json_object_object_add(*jso, "digest", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down Expand Up @@ -237,7 +243,9 @@ bool ifapi_json_TCG_DIGEST2_cb(const TCG_DIGEST2 *in, size_t size, void *data)
return false;
}

json_object_array_add(jso_digests, jso_digest);
if (json_object_array_add(jso_digests, jso_digest)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return true;
}

Expand Down Expand Up @@ -422,7 +430,9 @@ TSS2_RC ifapi_json_TCG_EVENT2_serialize(const TCG_EVENT2 *in, UINT32 event_type,
r = ifapi_json_BYTE_ARY_serialize(&in->Event[0], in->EventSize, &jso2);
return_if_jso_error(r, "Serialize UINT8", jso2);

json_object_object_add(*jso, "event_data", jso2);
if (json_object_object_add(*jso, "event_data", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
}
return TSS2_RC_SUCCESS;
}
Expand Down Expand Up @@ -487,28 +497,38 @@ TSS2_RC ifapi_json_TCG_EVENT_HEADER2_serialize(
}
jso_sub = json_object_new_object();
return_if_null(jso_sub, "Out of memory.", TSS2_FAPI_RC_MEMORY);
json_object_object_add(*jso, CONTENT, jso_sub);
if (json_object_object_add(*jso, CONTENT, jso_sub)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

r = add_string_to_json("pcclient_std", *jso, CONTENT_TYPE);
return_if_error(r, "Add event type");

r = ifapi_json_UINT32_serialize(in->PCRIndex, &jso2);
return_if_error(r, "Serialize UINT32");

json_object_object_add(*jso, "pcr", jso2);
if (json_object_object_add(*jso, "pcr", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
jso2 = NULL;

jso2 = json_object_new_int64(recnum);
return_if_null(jso2, "Out of memory.", TSS2_FAPI_RC_MEMORY);
json_object_object_add(*jso, "recnum", jso2);
if (json_object_object_add(*jso, "recnum", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso2 = json_object_new_string(eventtype_to_string(in->EventType));

json_object_object_add(jso_sub, "event_type", jso2);
if (json_object_object_add(jso_sub, "event_type", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso_ary = json_object_new_array();
return_if_null(jso_ary, "Out of memory.", TSS2_FAPI_RC_MEMORY);
json_object_object_add(*jso, "digests", jso_ary);
if (json_object_object_add(*jso, "digests", jso_ary)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

return TSS2_RC_SUCCESS;
}
Expand Down Expand Up @@ -542,7 +562,9 @@ bool ifapi_json_TCG_EVENT_HEADER2_cb(

cb_data->recnum_tab[in->PCRIndex]++;

json_object_array_add(jso_event_list, jso);
if (json_object_array_add(jso_event_list, jso)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return true;
}

Expand Down Expand Up @@ -591,19 +613,27 @@ TSS2_RC ifapi_json_TCG_EVENT_serialize(const TCG_EVENT *in, size_t recnum, json_
r = ifapi_json_UINT32_serialize(in->pcrIndex, &jso2);
return_if_error(r, "Serialize UINT32");

json_object_object_add(*jso, "pcr", jso2);
if (json_object_object_add(*jso, "pcr", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
jso2 = json_object_new_int64(recnum);
return_if_null(jso2, "Out of memory.", TSS2_FAPI_RC_MEMORY);

json_object_object_add(*jso, "recnum", jso2);
if (json_object_object_add(*jso, "recnum", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
jso2 = json_object_new_string(eventtype_to_string(in->eventType));
return_if_null(jso2, "Out of memory.", TSS2_FAPI_RC_MEMORY);

jso_sub = json_object_new_object();
return_if_null(jso_sub, "Out of memory.", TSS2_FAPI_RC_MEMORY);
json_object_object_add(*jso, CONTENT, jso_sub);
if (json_object_object_add(*jso, CONTENT, jso_sub)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

json_object_object_add(jso_sub, "event_type", jso2);
if (json_object_object_add(jso_sub, "event_type", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso_digest = json_object_new_object();
return_if_null(*jso, "Out of memory.", TSS2_FAPI_RC_MEMORY);
Expand All @@ -612,25 +642,35 @@ TSS2_RC ifapi_json_TCG_EVENT_serialize(const TCG_EVENT *in, size_t recnum, json_
r = ifapi_json_TPM2_ALG_ID_serialize(TPM2_ALG_SHA1, &jso2);
return_if_error(r, "Serialize hash algorithm");

json_object_object_add(jso_digest, "hashAlg", jso2);
if (json_object_object_add(jso_digest, "hashAlg", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso2 = NULL;
r = ifapi_json_BYTE_ARY_serialize(&in->digest[0], 20, &jso2);
return_if_error(r, "Serialize BYTE");

json_object_object_add(jso_digest, "digest", jso2);
if (json_object_object_add(jso_digest, "digest", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

jso_ary = json_object_new_array();
return_if_null(jso_ary, "Out of memory.", TSS2_FAPI_RC_MEMORY);

json_object_array_add(jso_ary, jso_digest);
if (json_object_array_add(jso_ary, jso_digest)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}

json_object_object_add(*jso, "digests", jso_ary);
if (json_object_object_add(*jso, "digests", jso_ary)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
jso2 = NULL;
r = ifapi_json_BYTE_ARY_serialize(&in->event[0], in->eventDataSize, &jso2);
return_if_error(r, "Serialize BYTE");

json_object_object_add(jso_sub, "event_data", jso2);
if (json_object_object_add(jso_sub, "event_data", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down Expand Up @@ -660,7 +700,9 @@ bool ifapi_json_TCG_EVENT_cb(const TCG_EVENT *in, size_t size, void *data)

cb_data->recnum_tab[in->pcrIndex]++;

json_object_array_add(jso_event_list, jso);
if (json_object_array_add(jso_event_list, jso)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return true;
}

Expand Down Expand Up @@ -690,12 +732,16 @@ TSS2_RC ifapi_json_TCG_SPECID_ALG_serialize(
r = ifapi_json_TPM2_ALG_ID_serialize(in->algorithmId, &jso2);
return_if_error(r, "Serialize UINT16");

json_object_object_add(*jso, "algorithmId", jso2);
if (json_object_object_add(*jso, "algorithmId", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
jso2 = NULL;
r = ifapi_json_UINT16_serialize(in->digestSize, &jso2);
return_if_error(r, "Serialize UINT16");

json_object_object_add(*jso, "digestSize", jso2);
if (json_object_object_add(*jso, "digestSize", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down Expand Up @@ -726,7 +772,9 @@ TSS2_RC ifapi_json_TCG_VENDOR_INFO_serialize(const TCG_VENDOR_INFO *in, json_obj
r = ifapi_json_BYTE_ARY_serialize(&in->vendorInfo[0], in->vendorInfoSize, &jso2);
return_if_error(r, "Serialize BYTE");

json_object_object_add(*jso, "vendorInfo", jso2);
if (json_object_object_add(*jso, "vendorInfo", jso2)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return TSS2_RC_SUCCESS;
}

Expand Down Expand Up @@ -819,7 +867,9 @@ bool ifapi_json_TCG_SPECID_EVENT_cb(
return false;
}

json_object_array_add(jso_event_list, jso);
if (json_object_array_add(jso_event_list, jso)) {
return_error(TSS2_FAPI_RC_GENERAL_FAILURE, "Could not add json object.");
}
return true;
}

Expand Down
Loading

0 comments on commit 50b7608

Please sign in to comment.