From: Lucas De Marchi <lucas.demarchi@intel.com>
Date: Wed, 18 Feb 2015 18:15:45 +0000 (-0200)
Subject: libkmod: consider empty signature key as invalid
X-Git-Tag: v20~34
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=dcbe1846e824da3cc9facbb27691adb79cdee24a;p=thirdparty%2Fkmod.git

libkmod: consider empty signature key as invalid

A segmentation fault occurs if a module has an empty key attached to
its signature. This is mostly likely due to a corrupted module.

The crash happens because kmod_module_get_info() assumes that
kmod_module_signature_info() returns a signature of at least 1 byte.

The fix is based on a patch from Tobias Stoeckmann
<tobias@stoeckmann.org>, but rather than changing kmod_module_get_info()
to fix the crash, this changes kmod_module_signature_info() to
consider the signature as invalid.
---

diff --git a/libkmod/libkmod-signature.c b/libkmod/libkmod-signature.c
index 2260cc62..5577305c 100644
--- a/libkmod/libkmod-signature.c
+++ b/libkmod/libkmod-signature.c
@@ -124,7 +124,8 @@ bool kmod_module_signature_info(const struct kmod_file *file, struct kmod_signat
 			modsig->id_type >= PKEY_ID_TYPE__LAST)
 		return false;
 	sig_len = be32toh(get_unaligned(&modsig->sig_len));
-	if (size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len))
+	if (sig_len == 0 ||
+	    size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len))
 		return false;
 
 	size -= modsig->key_id_len + sig_len;