From 3106e475243e1e35df18d5086f7a5df8758bbda1 Mon Sep 17 00:00:00 2001 From: Ivan Khoronzhuk Date: Fri, 27 Jan 2023 22:02:14 +0200 Subject: [PATCH] common: avb_verify: prevent opening incorrect session The arg->session is not valid if arg->ret != NULL, so can't be assigned, correct this. Signed-off-by: Ivan Khoronzhuk Reviewed-by: Jens Wiklander --- common/avb_verify.c | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/common/avb_verify.c b/common/avb_verify.c index 0520a71455..48ba8db51e 100644 --- a/common/avb_verify.c +++ b/common/avb_verify.c @@ -619,10 +619,11 @@ static int get_open_session(struct AvbOpsData *ops_data) memset(&arg, 0, sizeof(arg)); tee_optee_ta_uuid_to_octets(arg.uuid, &uuid); rc = tee_open_session(tee, &arg, 0, NULL); - if (!rc) { - ops_data->tee = tee; - ops_data->session = arg.session; - } + if (rc || arg.ret) + continue; + + ops_data->tee = tee; + ops_data->session = arg.session; } return 0; -- 2.39.5