Skip to content

Commit

Permalink
ignore unknown versions in version response.
Browse files Browse the repository at this point in the history
Current design will reject version response if there is a
version other than 0x10, 0x11 and 0x12. In this patch,
will not reject such version response, instead, unknown
versions will be ignored.

Signed-off-by: Yang, Longlong <longlong.yang@intel.com>
  • Loading branch information
longlongyang authored and jyao1 committed Jan 24, 2024
1 parent 48c79b2 commit f42eaf4
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 10 deletions.
2 changes: 1 addition & 1 deletion spdmlib/src/common/mod.rs
Original file line number Diff line number Diff line change
Expand Up @@ -1151,7 +1151,7 @@ pub struct SpdmNegotiateInfo {
pub rsp_max_spdm_msg_size_sel: u32, // spdm 1.2
}

pub const MAX_MANAGED_BUFFER_A_SIZE: usize = 150 + 2 * MAX_SPDM_VERSION_COUNT;
pub const MAX_MANAGED_BUFFER_A_SIZE: usize = 150 + 2 * 255; // for version response, there can be more than MAX_SPDM_VERSION_COUNT versions.
pub const MAX_MANAGED_BUFFER_B_SIZE: usize =
24 + SPDM_MAX_HASH_SIZE * SPDM_MAX_SLOT_NUMBER + config::MAX_SPDM_CERT_CHAIN_DATA_SIZE;
pub const MAX_MANAGED_BUFFER_C_SIZE: usize =
Expand Down
34 changes: 25 additions & 9 deletions spdmlib/src/message/version.rs
Original file line number Diff line number Diff line change
Expand Up @@ -95,9 +95,7 @@ impl SpdmCodec for SpdmVersionResponsePayload {
u8::read(r)?; // reserved
let version_number_entry_count = u8::read(r)?;

if version_number_entry_count < 1
|| version_number_entry_count > MAX_SPDM_VERSION_COUNT as u8
{
if version_number_entry_count == 0 {
return None;
}

Expand All @@ -108,14 +106,32 @@ impl SpdmCodec for SpdmVersionResponsePayload {
},
MAX_SPDM_VERSION_COUNT,
);
for version in versions
.iter_mut()
.take(version_number_entry_count as usize)
{
*version = SpdmVersionStruct::read(r)?;

let mut version_count = 0;
let rest = r.take(version_number_entry_count as usize * 2)?;

for i in 0..version_number_entry_count {
if let Some(ver) = SpdmVersionStruct::read_bytes(&rest[i as usize * 2..]) {
if version_count < MAX_SPDM_VERSION_COUNT {
versions[version_count] = ver;
version_count += 1;
} else {
// the buffer is full now, stop for scaning more versions
break;
}
} else {
// for unknown versions,
if rest[i as usize * 2 + 1] < 0x10 {
// find a version which is lower than the 0x10 version
return None;
} else {
// for any other version, just ignore it
}
}
}

Some(SpdmVersionResponsePayload {
version_number_entry_count,
version_number_entry_count: version_count as u8,
versions,
})
}
Expand Down

0 comments on commit f42eaf4

Please sign in to comment.