dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-27 14:22:31 +02:00
Code Releases Activity

libimaevm: do not crash if the certificate cannot be read

Browse Source 
This code path can be triggered if someone inadvertedly swaps the key
with the certificate in the evmctl command line. Our `x` variable would
be NULL, and we need to abort further processing of the certificate.

Signed-off-by: Alberto Mardegan <a.mardegan@omp.ru>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Alberto Mardegan 2023-01-09 07:52:48 +00:00 committed by Mimi Zohar
parent 3f162e8e3d
commit eea9827d99
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
src/libimaevm.c
View File

@ -923,6 +923,7 @@ static int read_keyid_from_cert(uint32_t *keyid_be, const char *certfile, int tr
ERR_print_errors_fp(stderr); ERR_print_errors_fp(stderr);
log_err("read keyid: %s: Error reading x509 certificate\n", log_err("read keyid: %s: Error reading x509 certificate\n",
certfile); certfile);
return -1;
} }
if (!(skid = x509_get_skid(x, &skid_len))) { if (!(skid = x509_get_skid(x, &skid_len))) {