From: Andreas Steffen <andreas.steffen@strongswan.org>
Date: Mon, 16 Jul 2012 20:44:45 +0000 (+0200)
Subject: fixed potential hasher problem in IMA template hash
X-Git-Tag: 5.0.1~295
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=c8ff69402b7ea57e6fd26ef61d0da8ca61b564f3;p=thirdparty%2Fstrongswan.git

fixed potential hasher problem in IMA template hash
---

diff --git a/src/libpts/plugins/imv_attestation/attest_db.c b/src/libpts/plugins/imv_attestation/attest_db.c
index da483bd7f8..13a9f9a207 100644
--- a/src/libpts/plugins/imv_attestation/attest_db.c
+++ b/src/libpts/plugins/imv_attestation/attest_db.c
@@ -1144,6 +1144,11 @@ METHOD(attest_db_t, add, bool,
 			ima = TRUE;
 			this->algo = PTS_MEAS_ALGO_SHA1;
 			hasher = lib->crypto->create_hasher(lib->crypto, HASH_SHA1);
+			if (!hasher)
+			{
+				printf("could not create hasher\n");
+				return FALSE;
+			}
 		}
 
 		pathname = this->did ? this->dir : this->file;
@@ -1207,9 +1212,12 @@ METHOD(attest_db_t, add, bool,
 			strncpy(ima_buffer, filename, IMA_MAX_NAME_LEN);
 			ima_buffer[IMA_MAX_NAME_LEN] = '\0';
 			ima_template = chunk_create(ima_buffer, sizeof(ima_buffer));
-			hasher->get_hash(hasher, measurement, NULL);
-			hasher->get_hash(hasher, ima_template, measurement.ptr);
-
+			if (!hasher->get_hash(hasher, measurement, NULL) ||
+				!hasher->get_hash(hasher, ima_template, measurement.ptr))
+			{
+				printf("could not compute IMA template hash\n");
+				break;
+			}
 			if (!insert_file_hash(this, PTS_MEAS_ALGO_SHA1_IMA, measurement,
 								  fid, did, TRUE, &ima_hashes_added))
 			{