From 9a10fe803bc0a8ded1dd12a8478720ce4bd82ca8 Mon Sep 17 00:00:00 2001 From: houmingyong Date: Sat, 3 Jun 2023 16:08:38 +0800 Subject: [PATCH] bugfix --- 0068-bugfix-when-input-empty-hash.patch | 27 +++++++++++++++++++++++++ secGear.spec | 6 +++++- 2 files changed, 32 insertions(+), 1 deletion(-) create mode 100644 0068-bugfix-when-input-empty-hash.patch diff --git a/0068-bugfix-when-input-empty-hash.patch b/0068-bugfix-when-input-empty-hash.patch new file mode 100644 index 0000000..8840b9f --- /dev/null +++ b/0068-bugfix-when-input-empty-hash.patch @@ -0,0 +1,27 @@ +From 5df0040e56c697ffc4797c798dcbafde796ff5e5 Mon Sep 17 00:00:00 2001 +From: houmingyong +Date: Sat, 3 Jun 2023 16:05:25 +0800 +Subject: [PATCH] bugfix when input empty hash + +--- + component/local_attest/gp_local_attest.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/component/local_attest/gp_local_attest.c b/component/local_attest/gp_local_attest.c +index 7f75147..53dc5d9 100644 +--- a/component/local_attest/gp_local_attest.c ++++ b/component/local_attest/gp_local_attest.c +@@ -59,8 +59,8 @@ static cc_enclave_result_t gp_compare_hash(gp_basevalue_t *basevalue, char *ta_i + PrintInfo(PRINT_STRACE, "heximg:%s, hexmem:%s", heximg, hexmem); + PrintInfo(PRINT_STRACE, "img_hash:%s, mem_hash:%s", basevalue->img_hash, basevalue->mem_hash); + +- if (memcmp(heximg, basevalue->img_hash, strlen(basevalue->img_hash)) != 0 || +- memcmp(hexmem, basevalue->mem_hash, strlen(basevalue->mem_hash)) != 0) { ++ if (memcmp(heximg, basevalue->img_hash, strlen(heximg)) != 0 || ++ memcmp(hexmem, basevalue->mem_hash, strlen(hexmem)) != 0) { + PrintInfo(PRINT_ERROR, "verify local report hash failed!\n"); + return CC_ERROR_LOCAL_REPORT_HASH_MISMATCH; + } +-- +2.33.0 + diff --git a/secGear.spec b/secGear.spec index 99b2c9f..970a90a 100644 --- a/secGear.spec +++ b/secGear.spec @@ -1,6 +1,6 @@ Name: secGear Version: 0.1.0 -Release: 41 +Release: 42 Summary: secGear is an SDK to develop confidential computing apps based on hardware enclave features @@ -76,6 +76,7 @@ Patch63: 0064-support-local-attest.patch Patch64: 0065-optimize-name-ree-agent-to-ra-agent.patch Patch65: 0066-fix-error-file-name.patch Patch66: 0067-local-attest-verify-input-hash-pointer.patch +Patch67: 0068-bugfix-when-input-empty-hash.patch BuildRequires: gcc python automake autoconf libtool BUildRequires: glibc glibc-devel cmake ocaml-dune rpm gcc-c++ openssl-libs openssl-devel @@ -207,6 +208,9 @@ popd systemctl restart rsyslog %changelog +* Sat Jun 3 2023 houmingyong - 0.1.0-42 +- DESC: bugfix input empty hash + * Fri Jun 2 2023 houmingyong - 0.1.0-41 - DESC: fix local attest bug -- Gitee