Skip to content

Commit

Permalink
rust: add bound check for imr_index when replay
Browse files Browse the repository at this point in the history
Signed-off-by: zhongjie <[email protected]>
  • Loading branch information
intelzhongjie committed Mar 4, 2024
1 parent af1cb86 commit 2029fe2
Show file tree
Hide file tree
Showing 2 changed files with 8 additions and 2 deletions.
8 changes: 7 additions & 1 deletion common/rust/cctrusted_base/src/eventlog.rs
Original file line number Diff line number Diff line change
Expand Up @@ -509,7 +509,10 @@ impl EventLogs {
1: { 12: <measurement_replayed>},
]
*/
pub fn replay(eventlogs: Vec<EventLogEntry>) -> Result<Vec<ReplayResult>, anyhow::Error> {
pub fn replay(
eventlogs: Vec<EventLogEntry>,
imr_idx_max: u32,
) -> Result<Vec<ReplayResult>, anyhow::Error> {
let mut replay_results: Vec<ReplayResult> = Vec::new();

for event_log in eventlogs {
Expand All @@ -519,6 +522,9 @@ impl EventLogs {
continue;
}
let imr_index = tcg_imr_event.imr_index;
if imr_index > imr_idx_max {
return Err(anyhow!("imr_index {} out of range", imr_index));
}
for digest in tcg_imr_event.digests {
let algo_id = digest.algo_id;
let hash = digest.hash;
Expand Down
2 changes: 1 addition & 1 deletion vmsdk/rust/cctrusted_vm/src/tdvm.rs
Original file line number Diff line number Diff line change
Expand Up @@ -469,7 +469,7 @@ impl CVM for TdxVM {
&self,
eventlogs: Vec<EventLogEntry>,
) -> Result<Vec<ReplayResult>, anyhow::Error> {
EventLogs::replay(eventlogs)
EventLogs::replay(eventlogs, TdxRTMR::max_index().into())
}

// CVM trait function: retrive CVM type
Expand Down

0 comments on commit 2029fe2

Please sign in to comment.