Re: [PATCH] ima: avoid appraise error for hash calc interrupt
From: Mimi Zohar
Date: Tue Nov 12 2019 - 12:14:12 EST
On Mon, 2019-11-11 at 14:29 -0800, Lakshmi Ramasubramanian wrote:
> On 11/11/19 11:23 AM, Patrick Callaghan wrote:
>
> > - if (rbuf_len == 0)
> > + if (rbuf_len == 0) { /* unexpected EOF */
> > + rc = -EINVAL;
> > break;
> > + }
> > offset += rbuf_len;
>
> Should there be an additional check to validate that (offset + rbuf_len)
> is less than i_size before calling cypto_shash_update (since rbuf_len is
> one of the parameters for this call)?
The "while" statement enforces that.
Mimi
>
> if ((rbuf_len == 0) || (offset + rbuf_len >= i_size)) {
> rc = -EINVAL;
> break;
> }
> offset += rbuf_len;
>
> > rc = crypto_shash_update(shash, rbuf, rbuf_len);
>
> -lakshmi
>