[PATCH 1/1] tpm: use memmove() for overlapping buffers

Mon Nov 11 12:14:45 CET 2024

On Sat, 2 Nov 2024 at 12:27, Heinrich Schuchardt
<heinrich.schuchardt at canonical.com> wrote:
>
> The behavior of memcpy() for overlapping buffers is undefined.
>
> Fixes: 4c57ec76b725 ("tpm: Implement state command for Cr50")
> Addresses-Coverity-ID: 356664 Overlapping buffer in memory copy
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> ---
>  lib/tpm-v2.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/lib/tpm-v2.c b/lib/tpm-v2.c
> index 59e6cbafafa..ad2b5ab0c32 100644
> --- a/lib/tpm-v2.c
> +++ b/lib/tpm-v2.c
> @@ -821,7 +821,7 @@ u32 tpm2_report_state(struct udevice *dev, uint vendor_cmd, uint vendor_subcmd,
>         if (*recv_size < 12)
>                 return -ENODATA;
>         *recv_size -= 12;
> -       memcpy(recvbuf, recvbuf + 12, *recv_size);
> +       memmove(recvbuf, recvbuf + 12, *recv_size);
>
>         return 0;
>  }
> --
> 2.45.2
>

Reviewed-by: Ilias Apalodimas <ilias.apalodimas at linaro.org>