Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

This project is archived. Its data is read-only.

Commit 9d03a721 authored Nov 26, 2014 by Dmitry Kasatkin Committed by Mimi Zohar May 21, 2015

integrity: add validity checks for 'path' parameter



This patch adds validity checks for 'path' parameter and
makes it const.

Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com>
Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>

parent f2b3dee4

security/integrity/digsig.c

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -85,7 +85,7 @@ int __init integrity_init_keyring(const unsigned int id)
	return err;		return err;
	}		}

	int __init integrity_load_x509(const unsigned int id, char *path)		int __init integrity_load_x509(const unsigned int id, const char *path)
	{		{
	key_ref_t key;		key_ref_t key;
	char *data;		char *data;

security/integrity/iint.c

+3 −0

Original line number	Original line	Diff line number	Diff line
	@@ -213,6 +213,9 @@ int __init integrity_read_file(const char path, char *data)
	char *buf;		char *buf;
	int rc = -EINVAL;		int rc = -EINVAL;

			if (!path \|\| !*path)
			return -EINVAL;

	file = filp_open(path, O_RDONLY, 0);		file = filp_open(path, O_RDONLY, 0);
	if (IS_ERR(file)) {		if (IS_ERR(file)) {
	rc = PTR_ERR(file);		rc = PTR_ERR(file);

security/integrity/integrity.h

+1 −1

Original line number	Original line	Diff line number	Diff line
	@@ -135,7 +135,7 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
	const char *digest, int digestlen);		const char *digest, int digestlen);

	int __init integrity_init_keyring(const unsigned int id);		int __init integrity_init_keyring(const unsigned int id);
	int __init integrity_load_x509(const unsigned int id, char *path);		int __init integrity_load_x509(const unsigned int id, const char *path);
	#else		#else

	static inline int integrity_digsig_verify(const unsigned int id,		static inline int integrity_digsig_verify(const unsigned int id,