xiaomi-sm8450/android_kernel_xiaomi_sm8450
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

security/integrity: Harden against malformed xattrs

Browse Source 
In general the handling of IMA/EVM xattrs is good, but I found
a few locations where either the xattr size or the value of the
type field in the xattr are not checked. Add a few simple checks
to these locations to prevent malformed or malicious xattrs from
causing problems.

Signed-off-by: Seth Forshee <seth.forshee@canonical.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
Seth Forshee
2016-08-01 08:19:10 -05:00
committed by Mimi Zohar
parent 5465d02a49
commit b4bfec7f4a
3 changed files with 9 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
security/integrity/digsig.c
View File

@@ -51,7 +51,7 @@ static bool init_keyring __initdata;
int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
const char *digest, int digestlen)
{
if (id >= INTEGRITY_KEYRING_MAX)
if (id >= INTEGRITY_KEYRING_MAX || siglen < 2)
return -EINVAL;
if (!keyring[id]) {