On Mon, Jul 15, 2019 at 03:08:55PM -0400, Mimi Zohar wrote:
> On Sat, 2019-07-13 at 00:28 +0300, Vitaly Chikunov wrote:
> > caps_str is passed from command line but copied into fixed-size buffer.
> > CID 229895.
> > ---
> > src/evmctl.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/src/evmctl.c b/src/evmctl.c
> > index 39bc3d9..e07cff4 100644
> > --- a/src/evmctl.c
> > +++ b/src/evmctl.c
> > @@ -409,8 +409,9 @@ static int calc_evm_hash(const char *file, unsigned char *hash)
> > } else if (!strcmp(*xattrname, XATTR_NAME_CAPS) && (hmac_flags & HMAC_FLAG_CAPS_SET)) {
> > if (!caps_str)
> > continue;
> > - strcpy(xattr_value, caps_str);
> > err = strlen(caps_str);
> > + assert(err < sizeof(xattr_value));
>
> "calc_evm_hash" can be called while walking and labeling, or
> verifying, a file system. We probably don't want to abruptly end it.
> Maybe emit an error message and return and error?
Ok. I will also add similar checks for selinux_str and ima_str.
Thanks,
>
>
> > + strcpy(xattr_value, caps_str);
> > } else {
> > err = lgetxattr(file, *xattrname, xattr_value, sizeof(xattr_value));
> > if (err < 0) {
