tpm2-software · AndreasFuchsTPM · Nov 26, 2025 · Nov 25, 2025
diff --git a/lib/files.c b/lib/files.c
@@ -334,7 +334,10 @@ static bool load_tpm_context_file(FILE *fstream, TPMS_CONTEXT *context) {
         LOG_WARN("The loaded tpm context does not appear to be in the proper "
                 "format, assuming old format, this will be converted on the "
                 "next save.");
-        rewind(fstream);
+        if (fseek(fstream, 0, SEEK_SET) != 0) {
+            LOG_ERR("Could not rewind stream: %s", strerror(errno));
+            return false;
+        }
         result = files_read_bytes(fstream, (UINT8 *) context, sizeof(*context));
         if (!result) {
             LOG_ERR("Could not load tpm context file");
@@ -407,7 +410,7 @@ static bool check_magic(FILE *fstream, bool seek_reset) {
     bool match = magic == MAGIC;
 
     if (seek_reset) {
-        int rc = fseek(fstream, -sizeof(magic), SEEK_CUR);
+        int rc = fseek(fstream, -(long)sizeof(magic), SEEK_CUR);
         if (rc != 0) {
             LOG_ERR("fseek failed: %s", strerror(errno));
             return false;

diff --git a/lib/pcr.c b/lib/pcr.c
@@ -74,22 +74,25 @@ static bool pcr_parse_list(const char *str, size_t len,
         current_string = str;
         str = memchr(current_string, ',', len);
         if (str) {
-            current_length = str - current_string;
+            ptrdiff_t diff = str - current_string;
+            if (diff > INT_MAX)
+                return false;
+            current_length = (int)diff;
             str++;
             len -= current_length + 1;
         } else {
-            current_length = len;
+            current_length = (int)len;
             len = 0;
         }
 
         dgst = memchr(current_string, '=', current_length);
         if (dgst && ((str == NULL) || (str && dgst < str))) {
-            pcr_len = dgst - current_string;
+            pcr_len = (int)(dgst - current_string);
             dgst++;
             if (str) {
-                dgst_len = str - dgst - 1;
+                dgst_len = (int)(str - dgst - 1);
             } else {
-                dgst_len = current_length - pcr_len - 1;
+                dgst_len = (int)(current_length - pcr_len - 1);
             }
         } else {
             dgst = NULL;

diff --git a/lib/tpm2_convert.c b/lib/tpm2_convert.c
@@ -806,7 +806,7 @@ bool tpm2_base64_encode(BYTE *buffer, size_t buffer_length, char *base64) {
     EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new();
     EVP_EncodeInit(ctx);
 
-    int rc = EVP_EncodeUpdate(ctx, out, &outl, buffer, buffer_length);
+    int rc = EVP_EncodeUpdate(ctx, out, &outl, buffer, (int)buffer_length);
     if(rc < 0) {
         LOG_ERR("EVP_DecodeUpdate failed with %d\n", rc);
         EVP_ENCODE_CTX_free(ctx);
@@ -824,19 +824,20 @@ bool tpm2_base64_encode(BYTE *buffer, size_t buffer_length, char *base64) {
 
 bool tpm2_base64_decode(char *base64, BYTE *buffer, size_t *buffer_length) {
 
-    bool is_base64_bufferlen_valid = strlen(base64) > 1024 ? false : true;
+    size_t len = strlen(base64);
+    bool is_base64_bufferlen_valid = len > 1024 ? false : true;
     if (!is_base64_bufferlen_valid) {
         return false;
     }
 
     unsigned char base64u[1024];
-    memcpy(base64u, base64, strlen(base64));
+    memcpy(base64u, base64, len);
 
     EVP_ENCODE_CTX *ctx = EVP_ENCODE_CTX_new();
     EVP_DecodeInit(ctx);
     unsigned char out[1024];
     int outl;
-    int rc = EVP_DecodeUpdate(ctx, out, &outl, base64u, strlen(base64));
+    int rc = EVP_DecodeUpdate(ctx, out, &outl, base64u, (int)len);
     if(rc < 0) {
         LOG_ERR("EVP_DecodeUpdate failed with %d\n", rc);
         EVP_ENCODE_CTX_free(ctx);

diff --git a/lib/tpm2_eventlog_yaml.c b/lib/tpm2_eventlog_yaml.c
@@ -190,7 +190,7 @@ static char *yaml_utf16_to_str(UTF16_CHAR *data, size_t len) {
     }
 
     for(size_t i = 0; i < len; ++i, tmp += ret) {
-        ret = c16rtomb(tmp, le16toh(data[i].c), &st);
+        ret = c16rtomb(tmp, (int)le16toh(data[i].c), &st);
         if (ret < 0) {
             LOG_ERR("c16rtomb failed: %s", strerror(errno));
             free(mbstr);
@@ -279,7 +279,7 @@ static bool yaml_uefi_hcrtm(const TCG_EVENT2* const event) {
 #ifdef HAVE_EFIVAR_EFIVAR_H
 char *yaml_devicepath(BYTE* dp, UINT64 dp_len) {
     int ret;
-    ret = efidp_format_device_path(NULL, 0, (const_efidp)dp, dp_len);
+    ret = (int)efidp_format_device_path(NULL, 0, (const_efidp)dp, (ssize_t)dp_len);
     if (ret < 0) {
         LOG_ERR("failed to allocate memory: %s\n", strerror(errno));
         return NULL;
@@ -295,8 +295,8 @@ char *yaml_devicepath(BYTE* dp, UINT64 dp_len) {
     }
 
     /* The void* cast is a hack to support efivar versions < 38 */
-    ret = efidp_format_device_path((void *)text_path,
-            text_path_len, (const_efidp)dp, dp_len);
+    ret = (int)efidp_format_device_path((void *)text_path,
+                                        text_path_len, (const_efidp)dp, (ssize_t)dp_len);
     if (ret < 0) {
         free(text_path);
         LOG_ERR("cannot parse device path\n");
@@ -351,7 +351,7 @@ char **yaml_split_escape_string(UINT8 const *description, size_t size)
             len = size - i;
         }
 
-        tmp = realloc(lines, sizeof(char *) * (nlines + 2));
+        tmp = (char **)realloc(lines, sizeof(char *) * (nlines + 2));
         if (!tmp) {
             LOG_ERR("failed to allocate memory for description lines: %s\n",
                     strerror(errno));
@@ -422,7 +422,7 @@ char **yaml_split_escape_string(UINT8 const *description, size_t size)
             }
 
             if (escape == NULL) {
-                lines[nlines][k++] = description[j];
+                lines[nlines][k++] = (char)description[j];
             } else {
                 while (*escape) {
                     lines[nlines][k++] = *escape;
@@ -440,7 +440,7 @@ char **yaml_split_escape_string(UINT8 const *description, size_t size)
     for (i = 0; lines != NULL && lines[i] != NULL; i++) {
       free(lines[i]);
     }
-    free(lines);
+    free((char **)lines);
     return NULL;
 }
 
@@ -575,7 +575,7 @@ static bool yaml_uefi_var(UEFI_VARIABLE_DATA *data, size_t size, UINT32 type,
 
                     uint8_t *signature = (uint8_t *)slist +
                         sizeof(*slist) + le32toh(slist->SignatureHeaderSize);
-                    int signatures = signature_size / le32toh(slist->SignatureSize);
+                    int signatures = (int)(signature_size / le32toh(slist->SignatureSize));
                     /* iterate through each EFI_SIGNATURE on the list */
                     int i;
                     for (i = 0; i < signatures; i++) {

diff --git a/lib/tpm2_identity_util.c b/lib/tpm2_identity_util.c
@@ -1,6 +1,7 @@
 /* SPDX-License-Identifier: BSD-3-Clause */
 
 #include <stdbool.h>
+#include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
 
@@ -249,8 +250,13 @@ static bool aes_encrypt_buffers(TPMT_SYM_DEF_OBJECT *sym,
         if (!b) {
             continue;
         }
+        size_t diff = total_len - offset;
+        if (diff > INT_MAX || l > INT_MAX) {
+            LOG_ERR("Size can't be converted to int");
+            return false;
+        }
 
-        int output_len = total_len - offset;
+        int output_len = (int)diff;
 
         rc = EVP_EncryptUpdate(ctx, &cipher_text->buffer[offset], &output_len,
                 b, l);

diff --git a/lib/tpm2_openssl.c b/lib/tpm2_openssl.c
@@ -466,7 +466,15 @@ static bool do_file(const char *path, char **pass) {
 static bool do_fd(const char *passin, char **pass) {
 
     char *end_ptr = NULL;
-    int fd = strtoul(passin, &end_ptr, 0);
+    unsigned long tmp = strtoul(passin, &end_ptr, 0);
+
+    if (tmp > INT_MAX) {
+        LOG_ERR("Invalid fd (out of range), got: \"%s\"", passin);
+        return false;
+    }
+
+    int fd = (int)tmp;
+
     if (passin[0] != '\0' && end_ptr[0] != '\0') {
         LOG_ERR("Invalid fd, got: \"%s\"", passin);
         return false;
@@ -793,6 +801,7 @@ static bool load_public_ECC_from_key(EVP_PKEY *key, TPM2B_PUBLIC *pub) {
         goto out;
     }
     pp->curveID = curve_id;
+    unsigned int tmp;
 
     /*
      * Copy the X and Y coordinate data into the ECC unique field,
@@ -813,13 +822,25 @@ static bool load_public_ECC_from_key(EVP_PKEY *key, TPM2B_PUBLIC *pub) {
         goto out;
     }
 
-    X->size = BN_bn2binpad(x, X->buffer, keysize);
+    tmp = BN_bn2binpad(x, X->buffer, (int)keysize);
+
+    if (tmp > INT_MAX) {
+        LOG_ERR("Invalid result of BN_bn2binpad");
+        return false;
+    }
+    X->size = tmp;
     if (X->size != keysize) {
         LOG_ERR("Error converting X point BN to binary");
         goto out;
     }
 
-    Y->size = BN_bn2binpad(y, Y->buffer, keysize);
+    tmp = BN_bn2binpad(y, Y->buffer, (int)keysize);
+    if (tmp > INT_MAX) {
+        LOG_ERR("Invalid result of BN_bn2binpad");
+        return false;
+    }
+
+    Y->size = (int)tmp;
     if (Y->size != keysize) {
         LOG_ERR("Error converting Y point BN to binary");
         goto out;
@@ -1073,7 +1094,7 @@ static bool load_private_ECC_from_key(EVP_PKEY *key, TPM2B_SENSITIVE *priv) {
         goto out;
     }
 
-    p->size = BN_bn2binpad(b, p->buffer, priv_bytes);
+    p->size = BN_bn2binpad(b, p->buffer, (int)priv_bytes);
     if (p->size != priv_bytes) {
         goto out;
     }

diff --git a/lib/tpm2_util.c b/lib/tpm2_util.c
@@ -188,7 +188,7 @@ int tpm2_util_hex_to_byte_structure(const char *input_string, UINT16 *byte_lengt
     int i = 0;
     if (input_string == NULL || byte_length == NULL || byte_buffer == NULL)
         return -1;
-    str_length = strlen(input_string);
+    str_length = (int)strlen(input_string);
     if (str_length % 2)
         return -2;
     for (i = 0; i < str_length; i++) {

diff --git a/tools/fapi/tss2_gettpm2object.c b/tools/fapi/tss2_gettpm2object.c
@@ -81,7 +81,7 @@ static int tss2_tool_onrun (FAPI_CONTEXT *fctx) {
         return 1;
     }
 
-    if (strcmp(ctx.data, "-")) {
+    if (strcmp(ctx.data, "-") != 0) {
         if (!ctx.overwrite) {
             FILE *fp = fopen(ctx.data, "rb");
             if (fp) {

diff --git a/tools/fapi/tss2_quote.c b/tools/fapi/tss2_quote.c
@@ -141,7 +141,7 @@ static int tss2_tool_onrun (FAPI_CONTEXT *fctx) {
 
     /* Read qualifyingData file */
     TSS2_RC r;
-    uint8_t *qualifyingData = NULL;
+    void *qualifyingData = NULL;
     size_t qualifyingDataSize = 0;
     if (ctx.qualifyingData) {
         r = open_read_and_close (ctx.qualifyingData,

diff --git a/tools/fapi/tss2_template.c b/tools/fapi/tss2_template.c
@@ -142,7 +142,7 @@ static tpm2_option_code tss2_handle_options (
         case '?':
             goto out;
         default:
-            if (!(*tool_opts)->callbacks.on_opt(c, optarg))
+            if (!(*tool_opts)->callbacks.on_opt((char)c, optarg))
                 goto out;
         }
     }
@@ -293,8 +293,8 @@ TSS2_RC sign_callback(
         int cpy_size = 0;
         if (strlen(publicKeyHint) > 0) {
             const char* tmp = "the key corresponding to the key hint \"%s\" and";
-            cpy_size = strlen(tmp) - 2 /* remove replaced %s */ +
-                strlen(publicKeyHint);
+            cpy_size = (int)(strlen(tmp) - 2 /* remove replaced %s */ +
+                             strlen(publicKeyHint));
             rc = snprintf(publicKeyHintStr, cpy_size+1 /* add \0 */, tmp,
                 publicKeyHint);
             if (rc != cpy_size){
@@ -311,8 +311,8 @@ TSS2_RC sign_callback(
                     "PEM-encoded public key\n");
                 return TSS2_FAPI_RC_GENERAL_FAILURE;
             }
-            cpy_size = strlen(tmp) - 2 /* remove replaced %s */ +
-                strlen(publicKeyHintTmp);
+            cpy_size = (int)(strlen(tmp) - 2 /* remove replaced %s */ +
+                             strlen(publicKeyHintTmp));
             rc = snprintf(publicKeyHintStr, cpy_size+1 /* add \0 */, tmp,
                 publicKeyHintTmp);
             if (rc != cpy_size){

diff --git a/tools/misc/tpm2_print.c b/tools/misc/tpm2_print.c
@@ -4,6 +4,7 @@
 #include <stdbool.h>
 #include <stdio.h>
 #include <string.h>
+#include <errno.h>
 
 #include <tss2/tss2_esys.h>
 #include <tss2/tss2_rc.h>
@@ -304,7 +305,10 @@ static bool print_TPMS_CONTEXT(FILE *fstream) {
     if (!result) {
         LOG_WARN("The loaded tpm context does not appear to be in the proper "
                  "format, assuming old format.");
-        rewind(fstream);
+        if (fseek(fstream, 0, SEEK_SET) != 0) {
+            LOG_ERR("Could not rewind stream: %s", strerror(errno));
+            return false;
+        }
         result = files_read_bytes(fstream, (UINT8 *) &context, sizeof(context));
         if (!result) {
             LOG_ERR("Could not load tpm context file");

diff --git a/tools/tpm2_getekcertificate.c b/tools/tpm2_getekcertificate.c
@@ -671,9 +671,9 @@ static tool_rc nv_read(ESYS_CONTEXT *ectx, TPMI_RH_NV_INDEX nv_index) {
             ESYS_TR_NONE, ESYS_TR_NONE, NULL);
 
     if(ctx.need_x509_trunc) {
-        int len = is_rsa ? 
+        int len = (int)(is_rsa ? 
                   x509_get_len(ctx.rsa_cert_buffer, nv_buf_size) :
-                  x509_get_len(ctx.ecc_cert_buffer, nv_buf_size);
+                  x509_get_len(ctx.ecc_cert_buffer, nv_buf_size));
         if(len > 0){
             nv_buf_size = len;
         }
@@ -1044,7 +1044,7 @@ tool_rc get_tpm_properties(ESYS_CONTEXT *ectx) {
                 continue;
             }
             cert_buffer_ossl = cert_buffer;
-            cert = d2i_X509(NULL, (const unsigned char **)&cert_buffer_ossl, cert_buffer_size);
+            cert = d2i_X509(NULL, (const unsigned char **)&cert_buffer_ossl, (int)cert_buffer_size);
             if (!cert) {
                 free(cert_buffer);
                 LOG_WARN("Invalid certificate found at %x", index);