dh/ima-evm-utils-mirror
1
0
Fork 0
mirror of https://git.code.sf.net/p/linux-ima/ima-evm-utils synced 2025-04-27 22:32:31 +02:00
Code Releases Activity

Missing template data size lower bounds checking

Browse Source 
Each record in the IMA measurement list must contain some template data.
Ensure the template data is not zero length.

Reviewed-by: Petr Vorel <pvorel@suse.cz>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
This commit is contained in:
Mimi Zohar 2022-08-26 14:36:46 -04:00
parent 232836a079
commit f57ea92d6e
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
src/evmctl.c
View File

@ -2189,6 +2189,10 @@ static int ima_measurement(const char *file)
log_err("Unable to read template length\n"); log_err("Unable to read template length\n");
goto out; goto out;
} }
if (entry.template_len == 0) {
log_err("Invalid template data len\n");
goto out;
}
} else { } else {
entry.template_len = SHA_DIGEST_LENGTH + entry.template_len = SHA_DIGEST_LENGTH +
TCG_EVENT_NAME_LEN_MAX + 1; TCG_EVENT_NAME_LEN_MAX + 1;