dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-06-30 21:02:33 +02:00
Code Releases Activity

Define and verify the template data length upper bounds

Browse Source 
The template data length is variable, based on the template format.
Define some sort of upper bounds.

Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar
2022-09-13 12:23:55 -04:00
parent 6778e3511b
commit 22f8effda5
2 changed files with 12 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/evmctl.c
View File

@ -2189,7 +2189,8 @@ static int ima_measurement(const char *file)
log_err("Unable to read template length\n");
goto out;
}
if (entry.template_len == 0) {
if (entry.template_len == 0 ||
entry.template_len > MAX_TEMPLATE_SIZE) {
log_err("Invalid template data len\n");
goto out;
}