[PATCH] ima: Fix a use after free in ima_read_modsig()
Dan Carpenter
dan.carpenter at oracle.com
Thu Aug 8 11:45:50 UTC 2019
On Thu, Aug 08, 2019 at 07:17:22AM -0400, Mimi Zohar wrote:
> On Thu, 2019-08-08 at 13:33 +0300, Dan Carpenter wrote:
> > This code frees "hdr" and then dereferences it on the next line to get
> > the error code.
> >
> > Fixes: 39b07096364a ("ima: Implement support for module-style appended signatures")
> > Signed-off-by: Dan Carpenter <dan.carpenter at oracle.com>
>
> Thanks, Dan. Julia already reported this. Thiago posted a patch last
> night. Just getting to it now. Can I add your Reviewed-by or Tested-
> by?
I haven't seen the other patch so Reviewed-by seems like the wrong
thing. I don't really need any sort of credit. I'm just going through
my backlog of warnings from being out of office. Perhaps Reported-by?
regards,
dan carpenter
More information about the Linux-security-module-archive
mailing list