]> git.ipfire.org Git - thirdparty/kmod.git/commitdiff
projects / thirdparty / kmod.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 40ef6e6)
libkmod: consider empty signature key as invalid
authorLucas De Marchi <lucas.demarchi@intel.com>
Wed, 18 Feb 2015 18:15:45 +0000 (16:15 -0200)
committerLucas De Marchi <lucas.demarchi@intel.com>
Wed, 18 Feb 2015 18:15:45 +0000 (16:15 -0200)
A segmentation fault occurs if a module has an empty key attached to
its signature. This is mostly likely due to a corrupted module.

The crash happens because kmod_module_get_info() assumes that
kmod_module_signature_info() returns a signature of at least 1 byte.

The fix is based on a patch from Tobias Stoeckmann
<tobias@stoeckmann.org>, but rather than changing kmod_module_get_info()
to fix the crash, this changes kmod_module_signature_info() to
consider the signature as invalid.

libkmod/libkmod-signature.c patch | blob | blame | history

diff --git a/libkmod/libkmod-signature.c b/libkmod/libkmod-signature.c
index 2260cc6214c28c664b1663faca4b53e53fceb3ae..5577305c1081b2371c81189817d0ce46852b150a 100644 (file)
--- a/libkmod/libkmod-signature.c
+++ b/libkmod/libkmod-signature.c
@@ -124,7 +124,8 @@ bool kmod_module_signature_info(const struct kmod_file *file, struct kmod_signat
                        modsig->id_type >= PKEY_ID_TYPE__LAST)
                return false;
        sig_len = be32toh(get_unaligned(&modsig->sig_len));
-       if (size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len))
+       if (sig_len == 0 ||
+           size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len))
                return false;
 
        size -= modsig->key_id_len + sig_len;
Unnamed repository; edit this file 'description' to name the repository.