dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-28 06:33:36 +02:00
Code Releases Activity

Make sure the key file is a regular file

Browse Source 
Before attempting to use the key file, make sure it is a regular file.

Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2022-09-11 14:51:52 -04:00
parent 297d01bdb6
commit c8b1757270
1 changed files with 12 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
src/libimaevm.c
View File

@ -250,6 +250,7 @@ EVP_PKEY *read_pub_pkey(const char *keyfile, int x509)
{ {
FILE *fp; FILE *fp;
EVP_PKEY *pkey = NULL; EVP_PKEY *pkey = NULL;
struct stat st;
if (!keyfile) if (!keyfile)
return NULL; return NULL;
@ -261,6 +262,17 @@ EVP_PKEY *read_pub_pkey(const char *keyfile, int x509)
return NULL; return NULL;
} }
if (fstat(fileno(fp), &st) == -1) {
log_err("Failed to fstat key file: %s\n", keyfile);
goto out;
}
if ((st.st_mode & S_IFMT) != S_IFREG) {
if (imaevm_params.verbose > LOG_INFO)
log_err("Key file is not regular file: %s\n", keyfile);
goto out;
}
if (x509) { if (x509) {
X509 *crt = d2i_X509_fp(fp, NULL); X509 *crt = d2i_X509_fp(fp, NULL);