Re: [PATCH v2 2/7] ima-evm-utils: Define hash and sig buffer sizes and add asserts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, 2018-11-28 at 23:06 +0300, Vitaly Chikunov wrote:
> To prevent hash and sig buffers size mismatch, define their maximum
> sizes and add sanity checking asserts.
> 
> Suggested-by: Mimi Zohar <zohar@xxxxxxxxxxxxx>
> Signed-off-by: Vitaly Chikunov <vt@xxxxxxxxxxxx>

Thanks! 

> ---


> diff --git a/src/evmctl.c b/src/evmctl.c
> index f8035da..f53c684 100644
> --- a/src/evmctl.c
> +++ b/src/evmctl.c
> 
> @@ -543,7 +545,7 @@ static int sign_evm(const char *file, const char *key)
> 
>  static int hash_ima(const char *file)
>  {
> -	unsigned char hash[66]; /* MAX hash size + 2 */
> +	unsigned char hash[MAX_DIGEST_SIZE + 2];

Let's comment this as /* +2 byte xattr header */

>  	int len, err, offset;
>  	int algo = get_hash_algo(params.hash_algo);
>
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux