From: Mimi Zohar <zohar@linux.ibm.com>
To: linux-integrity@vger.kernel.org
Cc: Petr Vorel <pvorel@suse.cz>, Bruno Meneguele <bmeneg@redhat.com>
Subject: Re: [PATCH 1/3 v1] ima-evm-utils: address new compiler complaints
Date: Wed, 15 Jul 2020 21:56:34 -0400
Message-ID: <1594864594.12900.359.camel@linux.ibm.com>
In-Reply-To: <1594845435-19164-1-git-send-email-zohar@linux.ibm.com>
Address the new compiler complaints:
- while reading the template data
- while reading the exported TPM 1.2 PCRs
- while reading the TPM event log
Reported-by: Petr Vorel <pvorel@suse.cz>
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
Changelog v1:
- Fix fread() tests
src/evmctl.c | 27 +++++++++++++++++++++------
1 file changed, 21 insertions(+), 6 deletions(-)
diff --git a/src/evmctl.c b/src/evmctl.c
index 8439bec0d7ee..f910e2752516 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1380,7 +1380,7 @@ static char *misc_pcrs = "/sys/class/misc/tpm0/device/pcrs";
static int tpm_pcr_read(struct tpm_bank_info *tpm_banks, int len)
{
FILE *fp = NULL;
- char *p, pcr_str[7], buf[70]; /* length of the TPM string */
+ char *p, pcr_str[8], buf[70]; /* length of the TPM string */
int result = -1;
int i = 0;
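Review bot: The new size in `pcr_str[8]` is a bare number, and the trailing comment `/* length of the TPM string */` reads as describing `buf[70]`, so nothing on this line says why 8 is enough. A short comment tying the size to the `"PCR-%2.2d"` format used further down (six characters for a two-digit index, plus the terminator and one spare byte) would keep the declaration and the format from drifting apart.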
@@ -1399,7 +1399,7 @@ static int tpm_pcr_read(struct tpm_bank_info *tpm_banks, int len)
for (;;) {
p = fgets(buf, sizeof(buf), fp);
- if (!p)
+ if (!p || i > 99)
break;
sprintf(pcr_str, "PCR-%2.2d", i);
if (!strncmp(p, pcr_str, 6))
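Review bot: The `i > 99` guard in the loop is coupled to the two-digit `"PCR-%2.2d"` format, but the `sprintf()` right after it is still unbounded, so the safety of `pcr_str` depends on the guard, the format and the declaration staying in step. Consider `snprintf(pcr_str, sizeof(pcr_str), "PCR-%2.2d", i);`, which bounds the write on its own. The guard also ends the loop silently; a log message would help if reaching it is unexpected.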
@@ -1980,11 +1980,21 @@ static int ima_measurement(const char *file)
* in the template data hash calculation.
*/
len = fread(&field_len, sizeof(field_len), 1, fp);
- if (field_len > TCG_EVENT_NAME_LEN_MAX)
+ if (len <= 0) {
+ log_errno("Failed reading file name length\n");
+ goto out;
+ }
+ if (field_len > TCG_EVENT_NAME_LEN_MAX) {
log_err("file pathname is too long\n");
+ goto out;
+ }
- fread(entry.template + SHA_DIGEST_LENGTH,
- field_len, 1, fp);
+ len = fread(entry.template + SHA_DIGEST_LENGTH,
+ field_len, 1, fp);
+ if (len != 1) {
+ log_errno("Failed reading file name\n");
+ goto out;
+ }
/*
* The template data is fixed sized, zero out
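Review bot: The first check, `if (len <= 0)`, is written differently from the second, `if (len != 1)`, although both calls pass an item count of 1 and `fread()` returns the number of items read, which is never negative. Using `len != 1` in both places makes the intent clear. Two further points: `fread()` returns 0 when the item size is 0, so a `field_len` of 0 would now take the "Failed reading file name" path; and a short read at end of file does not set `errno`, so `log_errno()` may report a stale error, where `feof()`/`ferror()` would tell the two cases apart.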
@@ -2069,6 +2079,7 @@ static int read_binary_bios_measurements(char *file, struct tpm_bank_info *bank)
FILE *fp;
SHA_CTX c;
int err = 0;
+ int len;
int i;
fp = fopen(file, "r");
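Review bot: `int len` is added only to hold the result of `fread()`, which returns `size_t`; declaring it as `size_t len;` avoids the implicit conversion and still works with the `len != 1` comparison used later in this function.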
@@ -2100,7 +2111,11 @@ static int read_binary_bios_measurements(char *file, struct tpm_bank_info *bank)
err = 1;
break;
}
- fread(event.data, event.header.len, 1, fp);
+ len = fread(event.data, event.header.len, 1, fp);
+ if (len != 1) {
+ log_errno("Failed reading event data (short read)\n");
+ break;
+ }
}
fclose(fp);
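Review bot: The new short-read branch does `break` without setting `err`, unlike the branch just above it (`err = 1; break;`), so a truncated event log leaves `err` at its initial 0; if `err` is what the function returns, the caller cannot tell a short read from a clean end of log. Set `err = 1;` before the `break`. Also, `fread()` returns 0 when `event.header.len` is 0, so an event with no data would be reported as a short read; checking `event.header.len` before the read avoids that.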
--
2.7.5