On 5/18/2017 5:38 AM, Roberto Sassu wrote:
There cannot be buffer overflow, because the length of each digest
field is known.
Crypto Agile: pcr[4] total_digest_len[4]
digest1_len[4] digest1[digest1_len] ...
The way I read this, the digest length is supplied by the caller, which
is slightly different from "known". For example, if I supply a digest
length of 0xffffffff, a too trusting (buggy) parser could overflow the
buffer.
total_digest_len is similarly untrusted. The attacker can send invalid
values.
