Permalink
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Browse files
Browse the repository at this point in the history
Add sysno check in MessageReader
The sysno in MessageReader is interpreted from the Message header passed from the host. A malicious Message header may provide a modified sysno to bypass the validation, and overwrites enclave memory. This change adds a check for sysno to make sure it matches the expected value. This issue was reported by Qinkun Bao, Zhaofeng Chen, Mingshen Sun, and Kang Li from Baidu Security. PiperOrigin-RevId: 377328054 Change-Id: I3ff6f60694d3390f66da89d139cf7cc7b49abaea
- Loading branch information