author | Lucas De Marchi <lucas.demarchi@intel.com> | 2015-02-18 16:15:45 -0200 |
---|---|---|
committer | Lucas De Marchi <lucas.demarchi@intel.com> | 2015-02-18 16:15:45 -0200 |
commit | dcbe1846e824da3cc9facbb27691adb79cdee24a (patch) | |
tree | 39edd5c7fdad07b9ef9d60e35775f774a72bd17f /libkmod | |
parent | 40ef6e69bb13522b961767d81f44aec0e83a7462 (diff) | |
libkmod: consider empty signature key as invalid
A segmentation fault occurs if a module has an empty key attached to
its signature. This is most likely due to a corrupted module.
The crash happens because kmod_module_get_info() assumes that
kmod_module_signature_info() returns a signature of at least 1 byte.
The fix is based on a patch from Tobias Stoeckmann
<tobias@stoeckmann.org>, but rather than changing kmod_module_get_info()
to fix the crash, this changes kmod_module_signature_info() to
consider the signature as invalid.
Diffstat (limited to 'libkmod')
-rw-r--r-- | libkmod/libkmod-signature.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/libkmod/libkmod-signature.c b/libkmod/libkmod-signature.c index 2260cc6..5577305 100644 --- a/libkmod/libkmod-signature.c +++ b/libkmod/libkmod-signature.c @@ -124,7 +124,8 @@ bool kmod_module_signature_info(const struct kmod_file *file, struct kmod_signat modsig->id_type >= PKEY_ID_TYPE__LAST) return false; sig_len = be32toh(get_unaligned(&modsig->sig_len)); - if (size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len)) + if (sig_len == 0 || + size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len)) return false; size -= modsig->key_id_len + sig_len; |
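Review bot: The added condition `sig_len == 0` rejects a zero-length signature, but the commit subject and message talk about an empty key, and a module with `modsig->key_id_len == 0` still passes this check. If the crash in kmod_module_get_info() depends on the key id length, test `modsig->key_id_len == 0` here as well; otherwise reword the message to say "signature" so the check and its description agree. Separately, the sum `modsig->signer_len + modsig->key_id_len + sig_len` is evaluated before the `(int64_t)` cast is applied, so on builds where sig_len is 32 bits wide a large value returned by be32toh() can wrap and slip past the size comparison. Widening sig_len to int64_t before the addition would close that, and the same consideration applies to `size -= modsig->key_id_len + sig_len;` on the following line.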