Message ID | 20190715200553.22403-1-vt@altlinux.org (mailing list archive) |
---|---|
State | New, archived |
Series | [v2,1/5] ima-evm-utils: Fix null dereference from file2bin to memcpy |
Hi Vitaly,

On Mon, 2019-07-15 at 23:05 +0300, Vitaly Chikunov wrote:
> file2bin() may return NULL, which is set to tmp, which is passed to
> memcpy. Add explicit check for it.
>
> Fixes: CID 229904.

Other than the missing tag, this and the other patches look good.

thanks!

Mimi

Mimi,

On Tue, Jul 16, 2019 at 10:46:58AM -0400, Mimi Zohar wrote:
> On Mon, 2019-07-15 at 23:05 +0300, Vitaly Chikunov wrote:
> > file2bin() may return NULL, which is set to tmp, which is passed to
> > memcpy. Add explicit check for it.
> >
> > Fixes: CID 229904.
>
> Other than the missing tag, this and the other patches look good.

Sorry I forgot to add Signed-off-by tag. You may add to all these commits:

Signed-off-by: Vitaly Chikunov <vt@altlinux.org>

Thanks,

>
> thanks!
>
> Mimi
diff --git a/src/evmctl.c b/src/evmctl.c index a6d07c9..d6e0b2c 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -821,7 +821,15 @@ static int verify_ima(const char *file) if (sigfile) { void *tmp = file2bin(file, "sig", &len); - assert(len <= sizeof(sig)); + if (!tmp) { + log_err("Failed reading: %s\n", file); + return -1; + } + if (len > sizeof(sig)) { + log_err("Signature file is too big: %s\n", file); + free(tmp); + return -1; + } memcpy(sig, tmp, len); free(tmp); } else {
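Review bot: Both new log_err() calls in the `if (sigfile)` branch of verify_ima() print `file`, but the read that failed is file2bin(file, "sig", &len), so the message points at the measured file rather than at the signature file that could not be read or was too large. Naming the signature file in the message (or at least saying "signature for %s") would make the failure easier to diagnose. Separately, the commit message only mentions the NULL check, while the hunk also turns `assert(len <= sizeof(sig))` into a runtime check that returns -1. That is the more significant hardening, since an assert is compiled out under NDEBUG and would leave the memcpy into `sig` unbounded, so it deserves a sentence in the changelog.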