Skip to content

rust: add bound check for imr_index when replay #36

rust: add bound check for imr_index when replay

rust: add bound check for imr_index when replay #36

name: Rust Code Scan
on:
push:
branches:
- main
paths:
- 'common/rust/cctrusted_base/src/**.rs'
- 'common/rust/cctrusted_base/src/tdx/**.rs'
- 'common/rust/cctrusted_base/src/tpm/**.rs'
- 'vmsdk/rust/cctrusted_vm/src/**.rs'
- 'vmsdk/rust/sample/src/**.rs'
- '.github/workflows/pr-check-rust.yaml'
pull_request:
paths:
- 'common/rust/cctrusted_base/src/**.rs'
- 'common/rust/cctrusted_base/src/tdx/**.rs'
- 'common/rust/cctrusted_base/src/tpm/**.rs'
- 'vmsdk/rust/cctrusted_vm/src/**.rs'
- 'vmsdk/rust/sample/src/**.rs'
- '.github/workflows/pr-check-rust.yaml'
workflow_dispatch:
jobs:
codescan:
runs-on: ubuntu-latest
steps:
- name: Checkout PR
uses: actions/checkout@v3
- name: Set up Rust action
uses: actions-rs/toolchain@v1
with:
toolchain: 1.70.0
- name: Install dependencies
run: |
sudo apt update && yes | DEBIAN_FRONTEND=noninteractive sudo apt install -y libcryptsetup-dev clang protobuf-compiler protobuf-c-compiler libprotobuf-c-dev libprotobuf-c1 build-essential pkg-config libssl-dev
- name: Run cargo check for cctrusted_base
run: |
cd common/rust/cctrusted_base/
cargo check
cargo fmt -- --check
cargo clippy
cargo install --locked cargo-deny
cargo deny check
- name: Run cargo check for VM SDK
run: |
cd vmsdk/rust/cctrusted_vm/
cargo check
cargo fmt -- --check
cargo clippy
cargo deny check