From 9025bb686a4dab5e263da873d906105c173e5bb7 Mon Sep 17 00:00:00 2001
From: guoxiaoqi
Date: Wed, 14 Apr 2021 16:58:58 +0800
Subject: [PATCH] fix CVE-2021-3446
---
CVE-2021-3446.patch | 38 ++++++++++++++++++++++++++++++++++++++
libtpms.spec | 6 +++++-
2 files changed, 43 insertions(+), 1 deletion(-)
create mode 100644 CVE-2021-3446.patch
diff --git a/CVE-2021-3446.patch b/CVE-2021-3446.patch
new file mode 100644
index 0000000..71571a0
--- /dev/null
+++ b/CVE-2021-3446.patch
@@ -0,0 +1,38 @@
+From ccbdb7ad111e1352e291e812d3abd6512b72a927 Mon Sep 17 00:00:00 2001
+From: guoxiaoqi
+Date: Thu, 15 Apr 2021 16:51:31 +0800
+Subject: [PATCH] CVE-2021-3446
+
+Signed-off-by: guoxiaoqi
+---
+ configure.ac | 1 +
+ src/tpm2/crypto/openssl/CryptSym.c | 1 +
+ 2 files changed, 2 insertions(+)
+
+diff --git a/configure.ac b/configure.ac
+index 1bb45d1..e222351 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -165,6 +165,7 @@ AS_IF([test "x$enable_use_openssl_functions" != "xno"], [
+ AC_CHECK_LIB([crypto], [EVP_aes_128_cbc],, not_found=1)
+ AC_CHECK_LIB([crypto], [EVP_des_ede3_cbc],, not_found=1)
+ AC_CHECK_LIB([crypto], [DES_random_key],, not_found=1)
++ AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_iv],, not_found=1)
+ if test "x$not_found" = "x0"; then
+ use_openssl_functions_symmetric=1
+ use_openssl_functions_for="symmetric (AES, TDES) "
+diff --git a/src/tpm2/crypto/openssl/CryptSym.c b/src/tpm2/crypto/openssl/CryptSym.c
+index 7aa90da..167dce2 100644
+--- a/src/tpm2/crypto/openssl/CryptSym.c
++++ b/src/tpm2/crypto/openssl/CryptSym.c
+@@ -531,6 +531,7 @@ CryptSymmetricEncrypt(
+ BYTE keyToUse[MAX_SYM_KEY_BYTES];
+ UINT16 keyToUseLen = (UINT16)sizeof(keyToUse);
+ TPM_RC retVal = TPM_RC_SUCCESS;
++ int ivLen;
+
+ pAssert(dOut != NULL && key != NULL && dIn != NULL);
+ if(dSize == 0)
+--
+1.8.3.1
+
diff --git a/libtpms.spec b/libtpms.spec
index c9710ae..4bc1c82 100644
--- a/libtpms.spec
+++ b/libtpms.spec
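Review bot: The embedded CVE-2021-3446.patch adds the declaration `int ivLen;` to CryptSymmetricEncrypt, but nothing in the patch assigns or reads it, and the new `AC_CHECK_LIB([crypto], [EVP_CIPHER_CTX_iv],, not_found=1)` probe has no matching call in CryptSym.c. Its own diffstat shows one added line per file, so as carried here the patch changes no runtime behaviour. CVE-2021-3446 is about the IV returned to the caller after a symmetric cipher operation, so the fix presumably needs a bounds-checked copy of the updated IV from the cipher context (`EVP_CIPHER_CTX_iv`, sized via `EVP_CIPHER_CTX_iv_length`) back into the caller's IV buffer, in both CryptSymmetricEncrypt and CryptSymmetricDecrypt. Please compare against the upstream libtpms fix and carry the complete change; the function body continues outside the hunk, so the rest of it could not be checked here.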
@@ -19,11 +19,12 @@ Summary: Library providing Trusted Platform Module (TPM) functionality Name: %{name} Version: %{versionx} -Release: 2 +Release: 3 License: BSD Group: Development/Libraries Url: http://github.com/stefanberger/libtpms Source0: %{url}/archive/%{gitcommit}/%{name}-%{gitshortcommit}.tar.gz +#Patch0: CVE-2021-3446.patch Provides: libtpms-%{crypto_subsystem} = %{version}-%{release} %if "%{crypto_subsystem}" == "openssl" @@ -116,6 +117,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/libtpms.la %postun -p /sbin/ldconfig %changelog +* Wed Apr 14 2021 guoxiaoqi - 0.7.3-3 +- fix CVE-2021-3446 + * Mon Sep 14 2020 jiangfangjie - 0.7.3-2 - update spec file including source0 and update source file -- Gitee
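Review bot: `#Patch0: CVE-2021-3446.patch` is commented out, so rpmbuild never registers the patch and the package is still built from unpatched sources, even though Release is bumped to 3 and the changelog records "fix CVE-2021-3446". The line should read `Patch0: CVE-2021-3446.patch`, and %prep has to apply it (for example `%patch0 -p1` or `%autosetup -p1`); the %prep section is outside these hunks, so that part could not be checked here. A release whose changelog claims a fix that is not applied will also be reported as patched by scanners that key on the package version.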