search

9elements / converged-security-suite

Converged Security Suite for Intel & AMD platform security features
https://www.9esec.io
BSD 3-Clause "New" or "Revised" License
58 stars 15 forks source link

fix(pcr0tool): Do not panic if an image and a measurement are misaligned #342

Closed xaionaro closed 1 year ago

xaionaro commented 1 year ago

An example of a panic

panic: runtime error: slice bounds out of range [:18446744073671540766] with capacity 33553920
goroutine 737 [running]:
third-party-source/go/github.com/9elements/converged-security-suite/v2/pkg/pcr.DataChunk.CompileMeasurableData(...)
    third-party-source/go/github.com/9elements/converged-security-suite/v2/pkg/pcr/measurement.go:77
third-party-source/go/github.com/9elements/converged-security-suite/v2/pkg/pcr.Measurement.CompileMeasurableData({0xc0003dba00?, {0xc0009d8780?, 0x7fe41cdc0108?, 0xc000cc2eb8?}}, {0xc009290000, 0x78?, 0x1fffe00})
    third-party-source/go/github.com/9elements/converged-security-suite/v2/pkg/pcr/measurement.go:205 +0x230
third-party-source/go/github.com/9elements/converged-security-suite/v2/pkg/pcr.Measurement.Cache({0x2, {0xc0009d8780, 0x6, 0x8}}, {0xc009290000, 0x1000000, 0x1fffe00}, {0x7607a0, 0xc0003dba00})
    third-party-source/go/github.com/9elements/converged-security-suite/v2/pkg/pcr/measurement.go:286 +0x65
[...]