dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-10-30 20:52:15 +01:00
Code Releases Activity

Fix out-of-bounds read

Browse Source 
Coverity reported "overrunning an array".  Properly clear only the
remaining unused buffer memory.

Fixes: 874c0fd45c ("EVM hmac calculation")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar
2021-07-15 13:54:19 -04:00
parent 996435d2d6
commit ad1d5e3f67
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/evmctl.c
View File

@@ -1108,7 +1108,8 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
/* EVM key is 128 bytes */
memcpy(evmkey, key, keylen);
memset(evmkey + keylen, 0, sizeof(evmkey) - keylen);
if (keylen < sizeof(evmkey))
memset(evmkey + keylen, 0, sizeof(evmkey) - keylen);
if (lstat(file, &st)) {
log_err("Failed to stat: %s\n", file);