Fwd: [integrity:next-queued-testing 8/13] security/integrity/ima/ima_modsig.c:81:17-20: ERROR: reference preceded by free on line 80

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This looks risky. See lines 80 and 81.

-------- Courriel original --------
Objet: [integrity:next-queued-testing 8/13] security/integrity/ima/ima_modsig.c:81:17-20: ERROR: reference preceded by free on line 80 
Date: 07.08.2019 15:10
De: kbuild test robot <lkp@xxxxxxxxx>
À: kbuild@xxxxxx
Cc: Julia Lawall <julia.lawall@xxxxxxx>

CC: kbuild-all@xxxxxx
CC: linux-integrity@xxxxxxxxxxxxxxx
TO: Thiago Jung Bauermann <bauerman@xxxxxxxxxxxxx>
CC: Mimi Zohar <zohar@xxxxxxxxxxxxx>
tree: https://kernel.googlesource.com/pub/scm/linux/kernel/git/zohar/linux-integrity.git next-queued-testing 
head:   cd3553a6a5047b7a759803ae3ba3991a901b89f8
commit: 2ebb61778990547b3dd7496bb66d0ac837659b14 [8/13] ima: Implement support for module-style appended signatures 
:::::: branch date: 6 days ago
:::::: commit date: 6 days ago

If you fix the issue, kindly add following tag
Reported-by: kbuild test robot <lkp@xxxxxxxxx>
Reported-by: Julia Lawall <julia.lawall@xxxxxxx>
security/integrity/ima/ima_modsig.c:81:17-20: ERROR: reference preceded by free on line 80
git remote add integrity https://kernel.googlesource.com/pub/scm/linux/kernel/git/zohar/linux-integrity.git 
git remote update integrity
git checkout 2ebb61778990547b3dd7496bb66d0ac837659b14
vim +81 security/integrity/ima/ima_modsig.c

2ebb6177899054 Thiago Jung Bauermann 2019-06-27  41
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  42  /*
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 43 * ima_read_modsig - Read modsig from buf. 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  44   *
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 45 * Return: 0 on success, error code otherwise. 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  46   */
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 47 int ima_read_modsig(enum ima_hooks func, const void *buf, loff_t buf_len, 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 48 struct modsig **modsig) 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  49  {
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 50 const size_t marker_len = strlen(MODULE_SIG_STRING); 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 51 const struct module_signature *sig; 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 52 struct modsig *hdr; 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  53  	size_t sig_len;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  54  	const void *p;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  55  	int rc;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  56
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 57 if (buf_len <= marker_len + sizeof(*sig)) 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  58  		return -ENOENT;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  59
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 60 p = buf + buf_len - marker_len; 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 61 if (memcmp(p, MODULE_SIG_STRING, marker_len)) 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  62  		return -ENOENT;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  63
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 64 buf_len -= marker_len; 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 65 sig = (const struct module_signature *)(p - sizeof(*sig)); 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  66
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 67 rc = mod_check_sig(sig, buf_len, func_tokens[func]); 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  68  	if (rc)
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  69  		return rc;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  70
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 71 sig_len = be32_to_cpu(sig->sig_len); 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 72 buf_len -= sig_len + sizeof(*sig); 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  73
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 74 hdr = kmalloc(sizeof(*hdr), GFP_KERNEL); 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  75  	if (!hdr)
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  76  		return -ENOMEM;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  77
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 78 hdr->pkcs7_msg = pkcs7_parse_message(buf + buf_len, sig_len); 2ebb6177899054 Thiago Jung Bauermann 2019-06-27 79 if (IS_ERR(hdr->pkcs7_msg)) { 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 @80  		kfree(hdr);
2ebb6177899054 Thiago Jung Bauermann 2019-06-27 @81 return PTR_ERR(hdr->pkcs7_msg); 
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  82  	}
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  83
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  84  	*modsig = hdr;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  85
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  86  	return 0;
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  87  }
2ebb6177899054 Thiago Jung Bauermann 2019-06-27  88

---
0-DAY kernel test infrastructure Open Source Technology Center https://lists.01.org/pipermail/kbuild-all Intel Corporation
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Linux Kernel]     [Linux Kernel Hardening]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux SCSI]

  Powered by Linux