Unverified Commit febe0528 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee
Browse files

!13842 ima: fix buffer overrun in ima_eventdigest_init_common 

Merge Pull Request from: @ci-robot 
 
PR sync from: Gu Bowen <gubowen5@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/PKUIUFFPCNAPQGFNBNPZQ2MASPLSUEIC/ 
 
https://gitee.com/src-openeuler/kernel/issues/IB75G4 
 
Link:https://gitee.com/openeuler/kernel/pulls/13842

 

Reviewed-by: default avatarZhang Peng <zhangpeng362@huawei.com>
Signed-off-by: default avatarZhang Peng <zhangpeng362@huawei.com>
parents fe3fd61f d4b387ba

security/integrity/ima/ima_template_lib.c

+10 −4
Original line number Diff line number Diff line
@@ -318,15 +318,21 @@ static int ima_eventdigest_init_common(const u8 *digest, u32 digestsize, 
				      hash_algo_name[hash_algo]);

	}



	if (digest)

	if (digest) {

		memcpy(buffer + offset, digest, digestsize);

	else

	} else {

		/*

		 * If digest is NULL, the event being recorded is a violation.

		 * Make room for the digest by increasing the offset by the

		 * hash algorithm digest size.

		 * hash algorithm digest size. If the hash algorithm is not

		 * specified increase the offset by IMA_DIGEST_SIZE which

		 * fits SHA1 or MD5

		 */

		if (hash_algo < HASH_ALGO__LAST)

			offset += hash_digest_size[hash_algo];

		else

			offset += IMA_DIGEST_SIZE;

	}



	return ima_write_template_field_data(buffer, offset + digestsize,

					     fmt, field_data);