[v2,1/5] ima-evm-utils: Fix null dereference from file2bin to memcpy

Message ID 20190715200553.22403-1-vt@altlinux.org
State New

Commit Message

Vitaly Chikunov July 15, 2019, 8:05 p.m. UTC
file2bin() may return NULL, which is set to tmp, which is passed to
memcpy. Add explicit check for it.

Fixes: CID 229904.
---
 src/evmctl.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

Comments

Mimi Zohar July 16, 2019, 2:46 p.m. UTC | #1
Hi Vitaly,

On Mon, 2019-07-15 at 23:05 +0300, Vitaly Chikunov wrote:
> file2bin() may return NULL, which is set to tmp, which is passed to
> memcpy. Add explicit check for it.
> 
> Fixes: CID 229904.

Other than the missing tag, this and the other patches look good.

thanks!

Mimi
Vitaly Chikunov July 16, 2019, 2:59 p.m. UTC | #2
Mimi,

On Tue, Jul 16, 2019 at 10:46:58AM -0400, Mimi Zohar wrote:
> On Mon, 2019-07-15 at 23:05 +0300, Vitaly Chikunov wrote:
> > file2bin() may return NULL, which is set to tmp, which is passed to
> > memcpy. Add explicit check for it.
> > 
> > Fixes: CID 229904.
> 
> Other than the missing tag, this and the other patches look good.

Sorry I forgot to add Signed-off-by tag. You may add to all these commits:

Signed-off-by: Vitaly Chikunov <vt@altlinux.org>

Thanks,

> 
> thanks!
> 
> Mimi

Patch

diff --git a/src/evmctl.c b/src/evmctl.c
index a6d07c9..d6e0b2c 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -821,7 +821,15 @@  static int verify_ima(const char *file)
 	if (sigfile) {
 		void *tmp = file2bin(file, "sig", &len);
 
-		assert(len <= sizeof(sig));
+		if (!tmp) {
+			log_err("Failed reading: %s\n", file);
+			return -1;
+		}
+		if (len > sizeof(sig)) {
+			log_err("Signature file is too big: %s\n", file);
+			free(tmp);
+			return -1;
+		}
 		memcpy(sig, tmp, len);
 		free(tmp);
 	} else {
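
Review bot: both new log_err() calls in the `if (sigfile)` branch print `file`, but the buffer comes from file2bin(file, "sig", &len), which by its arguments reads a signature file derived from `file` rather than `file` itself. A user who sees "Failed reading: %s" or "Signature file is too big: %s" with the measured file's name will look at the wrong file; consider printing the derived name, for example "Failed reading: %s.sig\n" if "sig" is used as a suffix. Replacing the assert() with a runtime check is the right direction, since an assert is compiled out under NDEBUG and would then leave memcpy(sig, tmp, len) unbounded. The `len > sizeof(sig)` test is only a valid bound if `sig` is an array in this scope and not a pointer; its declaration is outside the hunk, so that is worth confirming.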