[ima-evm-utils,10/11] Limit the file hash algorithm name length

Commit Message

Mimi Zohar Sept. 2, 2022, 4:28 p.m. UTC

Instead of assuming the file hash algorithm is a properly NULL terminated
string, properly limit the "algo:<hash>" field size.

Reviewed-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 src/evmctl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/src/evmctl.c b/src/evmctl.c
index a497b1a468d6..aac669438a1c 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1602,7 +1602,7 @@  void ima_ng_show(struct template_entry *entry)
 	total_len -= sizeof(field_len);
 
 	algo = (char *)fieldp;
-	len = strlen(algo) + 1;
+	len = strnlen(algo, field_len - 1) + 1;
 	digest_len = field_len - len;
 	digest = fieldp + len;