dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 06:33:36 +02:00
Code Releases Activity

ima-evm-utils: fix overflow on printing boot_aggregate

Browse Source 
There was no room for placing the '\0' at the end of boot_aggregate value,
thus printf() was reading 1 byte beyond the array limit.

Signed-off-by: Bruno Meneguele <bmeneg@redhat.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Bruno Meneguele 2020-07-15 18:39:06 -03:00 committed by Mimi Zohar
parent dbbaccc781
commit 3e7d575816
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/evmctl.c
View File

@ -2265,7 +2265,8 @@ static int cmd_ima_bootaggr(struct command *cmd)
bootaggr_len += strlen(tpm_banks[i].algo_name) + 1; bootaggr_len += strlen(tpm_banks[i].algo_name) + 1;
bootaggr_len += (tpm_banks[i].digest_size * 2) + 1; bootaggr_len += (tpm_banks[i].digest_size * 2) + 1;
} }
bootaggr = malloc(bootaggr_len); /* Make room for the trailing null */
bootaggr = malloc(bootaggr_len + 1);
/* /*
* Calculate and convert the per TPM 2.0 PCR bank algorithm * Calculate and convert the per TPM 2.0 PCR bank algorithm
@ -2279,6 +2280,7 @@ static int cmd_ima_bootaggr(struct command *cmd)
calc_bootaggr(&tpm_banks[i]); calc_bootaggr(&tpm_banks[i]);
offset += append_bootaggr(bootaggr + offset, tpm_banks + i); offset += append_bootaggr(bootaggr + offset, tpm_banks + i);
} }
bootaggr[bootaggr_len] = '\0';
printf("%s", bootaggr); printf("%s", bootaggr);
free(bootaggr); free(bootaggr);
return 0; return 0;