[PATCH v2] ima: Fix warn potential negative subtraction from max

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Found by smatch:
security/integrity/ima/ima_queue.c:122 ima_add_digest_entry() warn:
potential negative subtraction from max '(~0)- size'

Signed-off-by: Vasyl Gomonovych <gomonovych@xxxxxxxxx>
---
This minor change remove smatch warning but 
I don't think that before change it was vulnerable, 
motivation for this patch was smatch report.

Changelog:
 - v2: change get_binary_runtime_size return type

 security/integrity/ima/ima_queue.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/security/integrity/ima/ima_queue.c b/security/integrity/ima/ima_queue.c
index a02a86d51102..3d5f981b8453 100644
--- a/security/integrity/ima/ima_queue.c
+++ b/security/integrity/ima/ima_queue.c
@@ -74,9 +74,9 @@ static struct ima_queue_entry *ima_lookup_digest_entry(u8 *digest_value,
  * binary_runtime_measurement list entry, which contains a
  * couple of variable length fields (e.g template name and data).
  */
-static int get_binary_runtime_size(struct ima_template_entry *entry)
+static unsigned int get_binary_runtime_size(struct ima_template_entry *entry)
 {
-	int size = 0;
+	unsigned int size = 0;
 
 	size += sizeof(u32);	/* pcr */
 	size += sizeof(entry->digest);
@@ -116,7 +116,7 @@ static int ima_add_digest_entry(struct ima_template_entry *entry,
 	}
 
 	if (binary_runtime_size != ULONG_MAX) {
-		int size;
+		unsigned int size;
 
 		size = get_binary_runtime_size(entry);
 		binary_runtime_size = (binary_runtime_size < ULONG_MAX - size) ?
-- 
1.9.1




[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux