Coverity reported "overrunning an array". Properly clear only the remaining unused buffer memory. Fixes: 874c0fd45cab ("EVM hmac calculation") Signed-off-by: Mimi Zohar <zohar@xxxxxxxxxxxxx> --- src/evmctl.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/evmctl.c b/src/evmctl.c index 04f14af9ab29..e1464ade4837 100644 --- a/src/evmctl.c +++ b/src/evmctl.c @@ -1108,7 +1108,8 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h /* EVM key is 128 bytes */ memcpy(evmkey, key, keylen); - memset(evmkey + keylen, 0, sizeof(evmkey) - keylen); + if (keylen < sizeof(evmkey)) + memset(evmkey + keylen, 0, sizeof(evmkey) - keylen); if (lstat(file, &st)) { log_err("Failed to stat: %s\n", file); -- 2.27.0
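Review bot: the new `if (keylen < sizeof(evmkey))` guard in calc_evm_hmac() covers only the zero-padding memset; the `memcpy(evmkey, key, keylen);` on the context line directly above it still copies keylen bytes unconditionally. If keylen can ever exceed sizeof(evmkey), the overrun happens in that memcpy before the new check is reached, and the check then just skips the padding silently. The hunk does not show whether keylen is bounded earlier in the function. If it is, a short comment or a line in the commit message saying so would make it clear why guarding only the memset is enough. If it is not, an explicit rejection of `keylen > sizeof(evmkey)` with a log_err() and error return ahead of the memcpy would close both the copy and the size_t underflow in `sizeof(evmkey) - keylen`, and the memset could then stay unconditional.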