From: Jes Sorensen <jsorensen@xxxxxx>
Return -EINVAL on any invalid input argument, as well as if any of the reserved fields are set in struct libfsverity_signature_digest
Signed-off-by: Jes Sorensen <jsorensen@xxxxxx>
---
 libverity.c | 34 ++++++++++++++++++++++++++--------
 1 file changed, 26 insertions(+), 8 deletions(-)
diff --git a/libverity.c b/libverity.c
index 1cef544..e16306d 100644
--- a/libverity.c
+++ b/libverity.c
@@ -494,18 +494,36 @@ libfsverity_sign_digest(const struct libfsverity_digest *digest,
 X509 *cert = NULL;
 const EVP_MD *md;
 size_t data_size;
- uint16_t alg_nr;
- int retval = -EAGAIN;
+ uint16_t alg_nr, digest_size;
+ int i, retval = -EAGAIN;
+ const char magic[8] = "FSVerity";
+
+ if (!digest || !sig_params || !sig_ret || !sig_size_ret)
+ return -EINVAL;
+
+ if (strncmp(digest->magic, magic, sizeof(magic)))
+ return -EINVAL;
+
+ if (!sig_params->keyfile || !sig_params->certfile)
+ return -EINVAL;
+
+ for (i = 0; i < sizeof(sig_params->reserved) /
+ sizeof(sig_params->reserved[0]); i++) {
+ if (sig_params->reserved[i])
+ return -EINVAL;
+ }
+
+ digest_size = le16_to_cpu(digest->digest_size);
+ data_size = sizeof(struct libfsverity_digest) + digest_size;
- data_size = sizeof(struct libfsverity_digest) +
- le16_to_cpu(digest->digest_size);
 alg_nr = le16_to_cpu(digest->digest_algorithm);
 hash_alg = libfsverity_find_hash_alg_by_num(alg_nr);
- if (!hash_alg) {
- retval = -EINVAL;
- goto out;
- }
+ if (!hash_alg)
+ return -EINVAL;
+
+ if (digest_size != hash_alg->digest_size)
+ return -EINVAL;
 pkey = read_private_key(sig_params->keyfile);
 if (!pkey) {
--
2.25.3
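Review bot: The magic check uses `strncmp` to compare a fixed 8-byte header field against `const char magic[8] = "FSVerity"`, which has no NUL terminator. It works only because the length is capped at `sizeof(magic)`; `memcmp` states the intent for a binary field and does not rely on string semantics: `if (memcmp(digest->magic, magic, sizeof(magic)))`. In the reserved-field loop, `int i` is compared with a `size_t` expression, which trips `-Wsign-compare`; declaring the index as `size_t i` avoids the mixed-sign comparison. The new early `return -EINVAL` paths, including the one that replaces `goto out` after the hash lookup, are only correct while nothing is acquired before them. That looks true from the visible lines, but the function's start and its `out:` cleanup are outside this hunk. A short comment above the block, such as `/* Validate all caller input before touching any OpenSSL state */`, would keep later edits from moving an allocation above these returns.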