Re: [PATCH v5 01/11] ima-evm-utils: Make sure sig buffer is always MAX_SIGNATURE_SIZE

Mimi Zohar <zohar@xxxxxxxxxxxxx> · Fri, 21 Jun 2019 07:27:30 -0400

On Fri, 2019-06-21 at 14:22 +0300, Vitaly Chikunov wrote:
> Mimi,
> 
> On Fri, Jun 21, 2019 at 07:08:12AM -0400, Mimi Zohar wrote:
> > On Fri, 2019-06-21 at 09:59 +0300, Vitaly Chikunov wrote:
> > > On Thu, Jun 20, 2019 at 05:42:18PM -0400, Mimi Zohar wrote:
> > > > On Tue, 2019-06-18 at 16:56 +0300, Vitaly Chikunov wrote:
> > > > > Fix off-by-one error of the output buffer passed to sign_hash().
> > > > > 
> > > > > Signed-off-by: Vitaly Chikunov <vt@xxxxxxxxxxxx>
> > > > > ---
> > > > >  src/evmctl.c | 4 ++--
> > > > >  1 file changed, 2 insertions(+), 2 deletions(-)
> > > > > 
> > > > > diff --git a/src/evmctl.c b/src/evmctl.c
> > > > > index 15a7226..03f41fe 100644
> > > > > --- a/src/evmctl.c
> > > > > +++ b/src/evmctl.c
> > > > > @@ -510,7 +510,7 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
> > > > >  static int sign_evm(const char *file, const char *key)
> > > > >  {
> > > > >  	unsigned char hash[MAX_DIGEST_SIZE];
> > > > > -	unsigned char sig[MAX_SIGNATURE_SIZE];
> > > > > +	unsigned char sig[MAX_SIGNATURE_SIZE + 1];
> > > > >  	int len, err;
> > > > > 
> > > > >  	len = calc_evm_hash(file, hash);
> > > > > @@ -519,7 +519,7 @@ static int sign_evm(const char *file, const char *key)
> > > > >  		return len;
> > > > > 
> > > > >  	len = sign_hash(params.hash_algo, hash, len, key, NULL, sig + 1);
> > > > > -	assert(len < sizeof(sig));
> > > > > +	assert(len <= MAX_SIGNATURE_SIZE);
> > > > >  	if (len <= 1)
> > > > >  		return len;
> > > > > 
> > > > 
> > > > A similar problem occurs in sign_ima.  Without these changes
> > > > sign_hash() succeeds, returning a length of 520 for
> > > > sha256/streebog256. 
> > > 
> > > I will add it. Also, I found more similar errors and will fix them together.
> > 
> > The first byte of sig is reserved for the type of signature.  The
> > remaining buffer is for the signature itself.  The existing
> > "assert(len < sizeof(sig))" is therefore correct.  The sig size being
> > returned is less than 1023, so why is this change needed?
> 
> Well, it looked more straightforward to check explicit
> MAX_SIGNATURE_SIZE instead of relying on that '<' accounts for
> that additional byte.
> 
> Main fix is of course this:
> 
> > > > > -       unsigned char sig[MAX_SIGNATURE_SIZE];
> > > > > +       unsigned char sig[MAX_SIGNATURE_SIZE + 1];

That is the question.  Why does the buffer need to be
"MAX_SIGNATURE_SIZE + 1", making it 1025 bytes?  MAX_SIGNATURE_SIZE -
1 is large enough for the signature.

Mimi

> 
> I will revert all that `assert(len <= MAX_SIGNATURE_SIZE)` back to
> `assert(len < sizeof(sig))`.
> 
> Thanks,
> 