ima-evm-utils: Fix file2bin stat and fopen relations

Check stat(2) return value, use fstat(2) to avoid race between stat() and fopen(), remove now unused get_filesize(). Fixes: CID 229889. Signed-off-by: Vitaly Chikunov <vt@altlinux.org> Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
2025-04-28 06:33:36 +02:00 · 2019-07-15 23:05:52 +03:00 · 2019-07-15 23:05:52 +03:00 · 08a51e7460
commit 08a51e7460
parent 9d52489bd3
3 changed files with 21 additions and 14 deletions
--- a/src/evmctl.c
+++ b/src/evmctl.c
@ -175,9 +175,10 @@ static int bin2file(const char *file, const char *ext, const unsigned char *data
 static unsigned char *file2bin(const char *file, const char *ext, int *size)
 {
 	FILE *fp;
-	int len;
+	size_t len;
 	unsigned char *data;
 	char name[strlen(file) + (ext ? strlen(ext) : 0) + 2];
 	struct stat stats;
 	if (ext)
 		sprintf(name, "%s.%s", file, ext);
@ -186,18 +187,33 @@ static unsigned char *file2bin(const char *file, const char *ext, int *size)
 	log_info("Reading to %s\n", name);
 	len = get_filesize(name);
 	fp = fopen(name, "r");
 	if (!fp) {
 		log_err("Failed to open: %s\n", name);
 		return NULL;
 	}
 	if (fstat(fileno(fp), &stats) == -1) {
 		log_err("Failed to fstat: %s (%s)\n", name, strerror(errno));
 		fclose(fp);
 		return NULL;
 	}
 	len = stats.st_size;
 	data = malloc(len);
-	if (!fread(data, len, 1, fp))
+	if (!data) {
-		len = 0;
+		log_err("Failed to malloc %zu bytes: %s\n", len, name);
 		fclose(fp);
 		return NULL;
 	}
 	if (fread(data, len, 1, fp) != len) {
 		log_err("Failed to fread %zu bytes: %s\n", len, name);
 		fclose(fp);
 		free(data);
 		return NULL;
 	}
 	fclose(fp);
-	*size = len;
+	*size = (int)len;
 	return data;
 }
--- a/src/imaevm.h
+++ b/src/imaevm.h
@ -211,7 +211,6 @@ extern struct libevm_params params;
 void do_dump(FILE *fp, const void *ptr, int len, bool cr);
 void dump(const void *ptr, int len);
 int get_filesize(const char *filename);
 int ima_calc_hash(const char *file, uint8_t *hash);
 int get_hash_algo(const char *algo);
 RSA *read_pub_key(const char *keyfile, int x509);
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@ -116,14 +116,6 @@ const char *get_hash_algo_by_id(int algo)
 	return "unknown";
 }
 int get_filesize(const char *filename)
 {
 	struct stat stats;
 	/*  Need to know the file length */
 	stat(filename, &stats);
 	return (int)stats.st_size;
 }
 static inline off_t get_fdsize(int fd)
 {
 	struct stat stats;