dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 14:43:37 +02:00
Code Releases Activity

Fix out-of-bounds read

Browse Source 
Coverity reported "overrunning an array".  Properly clear only the
remaining unused buffer memory.

Fixes: 874c0fd45cab ("EVM hmac calculation")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2021-07-15 13:54:19 -04:00
parent 996435d2d6
commit ad1d5e3f67
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
src/evmctl.c
View File

@ -1108,7 +1108,8 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
/* EVM key is 128 bytes */ /* EVM key is 128 bytes */
memcpy(evmkey, key, keylen); memcpy(evmkey, key, keylen);
memset(evmkey + keylen, 0, sizeof(evmkey) - keylen); if (keylen < sizeof(evmkey))
memset(evmkey + keylen, 0, sizeof(evmkey) - keylen);
if (lstat(file, &st)) { if (lstat(file, &st)) {
log_err("Failed to stat: %s\n", file); log_err("Failed to stat: %s\n", file);