repart: avoid use of uninitialized TPM2B_PUBLIC data

The 'TPM2B public' struct is only initialized if the public key is non-NULL, however, it is unconditionally passed to tpm2_calculate_sealing_policy, resulting in use of uninitialized data. If the uninitialized data is lucky enough to be all zeroes, this results eventually results in an error message from tpm2_calculate_name about an unsupported nameAlg field value. Signed-off-by: Daniel P. Berrangé <[email protected]> (cherry picked from commit a3ad5c3) Resolves: RHEL-56793
redhat-plumbers · Jan 13, 2025 · 834137e · 834137e
1 parent 79d0bc0
commit 834137e
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/partition/repart.c b/src/partition/repart.c
@@ -3073,7 +3073,7 @@ static int partition_encrypt(
                 }
 
                 TPM2B_DIGEST policy = TPM2B_DIGEST_MAKE(NULL, TPM2_SHA256_DIGEST_SIZE);
-                r = tpm2_calculate_sealing_policy(arg_tpm2_hash_pcr_values, arg_tpm2_n_hash_pcr_values, &public, /* use_pin= */ false, &policy);
+                r = tpm2_calculate_sealing_policy(arg_tpm2_hash_pcr_values, arg_tpm2_n_hash_pcr_values, pubkey ? &public : NULL, /* use_pin= */ false, &policy);
                 if (r < 0)
                         return log_error_errno(r, "Could not calculate sealing policy digest: %m");