libspdm icon indicating copy to clipboard operation
libspdm copied to clipboard
verified publisher icon DMTF

Improve VCA request / response validation

Open steven-bellock opened this issue 4 years ago • 3 comments

Examples include:

  • Validate that one-hot fields are actually one-hot.
  • In negotiate_algorithms the requester loops over ALGORITHMS.param1 without validating it first.

steven-bellock avatar Jul 16 '21 16:07 steven-bellock

agree

jyao1 avatar Jul 19 '21 14:07 jyao1

Also in libspdm_try_get_version we need to validate that the major / minor version numbers are legal; 1.0, 1.1, 1.2, etc.

steven-bellock avatar Sep 10 '22 23:09 steven-bellock

In NEGOTIATE_ALGORITHMS libspdm needs to check struct_table->alg_type.

steven-bellock avatar Nov 08 '22 17:11 steven-bellock

This has been sufficiently completed.

steven-bellock avatar Jan 03 '23 17:01 steven-bellock