Skip to content
Permalink
Browse files Browse the repository at this point in the history
Verify UntrustedCall output is outside enclave
PiperOrigin-RevId: 333781703
Change-Id: I9df55c04dc8b04f4bf0bda8e68cc32bca81b933a
  • Loading branch information
kongoshuu committed Sep 25, 2020
1 parent ed0926b commit 83036fd
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions asylo/platform/primitives/sgx/trusted_sgx.cc
Expand Up @@ -288,6 +288,11 @@ PrimitiveStatus TrustedPrimitives::UntrustedCall(uint64_t untrusted_selector,
if (sgx_params->input) {
untrusted_cache->Free(const_cast<void *>(sgx_params->input));
}
if (!TrustedPrimitives::IsOutsideEnclave(sgx_params->output,
sgx_params->output_size)) {
TrustedPrimitives::BestEffortAbort(
"UntrustedCall: sgx_param output should be in untrusted memory");
}
if (sgx_params->output) {
// For the results obtained in |output_buffer|, copy them to |output|
// before freeing the buffer.
Expand Down

0 comments on commit 83036fd

Please sign in to comment.