2793
73%
master: 74%

Ran 10 Nov 2020 01:46PM UTC

Jobs 1

Files 56

Run time 13s

Badge

Embed ▾

pending completion

Build # 2793

Build Type

push

travis-ci-com

Committed by

stefanberger

Commit Message

swtpm: Switch to open() from fopen() when accessing statefile

Use the open() call rather than the fopen() call when accessing
the statefile and make sure we do not follow symlinks using O_NOFOLLOW.

The modification does not allow an attacker to create a symbolic link
with the name of the temporary file (TMP2-00.permall for TPM 2) and
have this point to a valueable file and swtpm ends up overwriting the
file. The success of the attack depends on the attacker having access
to the TPM's state directory (--tpmstate dir=...).

Signed-off-by: Stefan Berger <stefanb@linux.ibm.com>

Run Details

3733 of 5078 relevant lines covered (73.51%)

22717.65 hits per line

Jobs

ID	Job ID	Ran	Files	Coverage
2	2793.2 (COVERITY_SCAN_TOKEN=[secure] PREFIX="/usr" CONFIG="--with-openssl --prefix=/usr --enable-test-coverage" SUDO="sudo" CHECK="check" SWTPM_TEST_IBMTSS2="1")	10 Nov 2020 01:46PM UTC	0	73.51	Travis Job 2793.2

Source Files on build 2793

Detailed source file information is not available for this build.

stefanberger / swtpm / 2793
73%
master: 74%

README BADGES
x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 2793

stefanberger / swtpm / 2793 73% master: 74%

README BADGES x

Markdown

Textile

RDoc

HTML

Rst

Jobs

Source Files on build 2793

stefanberger / swtpm / 2793
73%
master: 74%

README BADGES
x