ima: prevent buffer overflow in ima_alloc_tfm() This patch fixes the case where the file's signature/hash xattr contains an invalid hash algorithm. Although we can not verify the xattr, we still need to measure the file. Use the default IMA hash algorithm. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

commit: 23c19e2ca736722a9523b64b07cda7efab7b6c57 [log] [tgz]
author: Dmitry Kasatkin <d.kasatkin@samsung.com> Fri Aug 15 13:28:52 2014 +0300
committer: Mimi Zohar <zohar@linux.vnet.ibm.com> Tue Sep 02 17:03:36 2014 -0400
tree: cb0501321b7221aed0bafe9b3b016ba033053a3d
parent: 9a8d289fbcb7dfd1fc74959e9930b406e76b2002 [diff] [blame]
diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c
index 2d103dc..1178b30 100644
--- a/security/integrity/ima/ima_crypto.c
+++ b/security/integrity/ima/ima_crypto.c

@@ -116,7 +116,10 @@
 	struct crypto_shash *tfm = ima_shash_tfm;
 	int rc;
 
-	if (algo != ima_hash_algo && algo < HASH_ALGO__LAST) {
+	if (algo < 0 || algo >= HASH_ALGO__LAST)
+		algo = ima_hash_algo;
+
+	if (algo != ima_hash_algo) {
 		tfm = crypto_alloc_shash(hash_algo_name[algo], 0, 0);
 		if (IS_ERR(tfm)) {
 			rc = PTR_ERR(tfm);
commit	23c19e2ca736722a9523b64b07cda7efab7b6c57	[log] [tgz]
author	Dmitry Kasatkin <d.kasatkin@samsung.com>	Fri Aug 15 13:28:52 2014 +0300
committer	Mimi Zohar <zohar@linux.vnet.ibm.com>	Tue Sep 02 17:03:36 2014 -0400
tree	cb0501321b7221aed0bafe9b3b016ba033053a3d
parent	9a8d289fbcb7dfd1fc74959e9930b406e76b2002 [diff] [blame]