Menu
▾
▴
[Linux-ima-user] buffer overflow fix
|
From: Amadeusz S. <am...@as...> - 2013-01-06 22:31:25
|
Hello, I noticed that 'evmctl ima_hash file' will fail on big files and after a bit of investigation found that code assumes that file size will fit in int which may not always be the case. # evmctl ima_hash /swapfile *** buffer overflow detected ***: evmctl - terminated evmctl: buffer overflow attack in function <unknown> - terminated Report to http://bugs.gentoo.org/ zsh: killed evmctl ima_hash /swapfile # ls -lh /swapfile -rw-r--r--. 1 root root 3.0G Sep 13 14:07 /swapfile # ls -l /swapfile -rw-r--r--. 1 root root 3221225472 Sep 13 14:07 /swapfile After applying attached patch changing get_fdsize it works without problem. There is also similar code in get_filesize, but I havent't changed it, it is used later to pass filesize to malloc() in file2bin and I'm not sure if it will work with such big files. Amadeusz |