ima: fix ima_alloc_atfm()
authorMimi Zohar <zohar@linux.vnet.ibm.com>
Mon, 28 Jul 2014 11:59:49 +0000 (07:59 -0400)
committerMimi Zohar <zohar@linux.vnet.ibm.com>
Tue, 2 Sep 2014 21:03:35 +0000 (17:03 -0400)
The patch 3bcced39ea7d: "ima: use ahash API for file hash
calculation" from Feb 26, 2014, leads to the following static checker
warning:

security/integrity/ima/ima_crypto.c:204 ima_alloc_atfm()
         error: buffer overflow 'hash_algo_name' 17 <= 17

Unlike shash tfm memory, which is allocated on initialization, the
ahash tfm memory allocation is deferred until needed.

This patch fixes the case where ima_ahash_tfm has not yet been
allocated and the file's signature/hash xattr contains an invalid hash
algorithm.  Although we can not verify the xattr, we still need to
measure the file.  Use the default IMA hash algorithm.

Changelog:
- set valid algo before testing tfm - based on Dmitry's comment

Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
security/integrity/ima/ima_crypto.c

index 0bd732843fe70861b0d1bb58bceada6c972f8122..2d103dc13d907119386017c3c4e645e6157698ff 100644 (file)
@@ -200,7 +200,10 @@ static struct crypto_ahash *ima_alloc_atfm(enum hash_algo algo)
        struct crypto_ahash *tfm = ima_ahash_tfm;
        int rc;
 
-       if ((algo != ima_hash_algo && algo < HASH_ALGO__LAST) || !tfm) {
+       if (algo < 0 || algo >= HASH_ALGO__LAST)
+               algo = ima_hash_algo;
+
+       if (algo != ima_hash_algo || !tfm) {
                tfm = crypto_alloc_ahash(hash_algo_name[algo], 0, 0);
                if (!IS_ERR(tfm)) {
                        if (algo == ima_hash_algo)