[PATCH v2] ima: Fix NULL pointer dereference in ima_file_hash
KP Singh
kpsingh at chromium.org
Wed Sep 16 13:36:06 UTC 2020
On Wed, Sep 16, 2020 at 2:49 PM KP Singh <kpsingh at chromium.org> wrote:
>
> From: KP Singh <kpsingh at google.com>
[...]
Another attempt to get this on the lists.
> diff --git a/security/integrity/ima/ima_main.c b/security/integrity/ima/ima_main.c
> index 8a91711ca79b..4c86cd4eece0 100644
> --- a/security/integrity/ima/ima_main.c
> +++ b/security/integrity/ima/ima_main.c
> @@ -531,6 +531,16 @@ int ima_file_hash(struct file *file, char *buf, size_t buf_size)
> return -EOPNOTSUPP;
>
> mutex_lock(&iint->mutex);
> +
> + /*
> + * ima_file_hash can be called when ima_collect_measurement has still
> + * not been called, we might not always have a hash.
> + */
> + if (!iint->ima_hash) {
> + mutex_unlock(&iint->mutex);
> + return -EOPNOTSUPP;
> + }
> +
> if (buf) {
> size_t copied_size;
>
> --
> 2.28.0.526.ge36021eeef-goog
>
More information about the Linux-security-module-archive
mailing list