Message ID | 20200312214758.343212-9-Jes.Sorensen@gmail.com (mailing list archive) |
---|---|
State | Superseded |
Series | Split fsverity-utils into a shared library | expand |
On Thu, Mar 12, 2020 at 05:47:57PM -0400, Jes Sorensen wrote: > From: Jes Sorensen <jsorensen@fb.com> > > Return -EINVAL on any invalid input argument, as well > as if any of the reserved fields are set in > struct libfsverity_signature_digest > > Signed-off-by: Jes Sorensen <jsorensen@fb.com> > --- > libverity.c | 34 ++++++++++++++++++++++++++-------- > 1 file changed, 26 insertions(+), 8 deletions(-) > > diff --git a/libverity.c b/libverity.c > index 1cef544..e16306d 100644 > --- a/libverity.c > +++ b/libverity.c > @@ -494,18 +494,36 @@ libfsverity_sign_digest(const struct libfsverity_digest *digest, > X509 *cert = NULL; > const EVP_MD *md; > size_t data_size; > - uint16_t alg_nr; > - int retval = -EAGAIN; > + uint16_t alg_nr, digest_size; > + int i, retval = -EAGAIN; > + const char magic[8] = "FSVerity"; > + > + if (!digest || !sig_params || !sig_ret || !sig_size_ret) > + return -EINVAL; > + > + if (strncmp(digest->magic, magic, sizeof(magic))) > + return -EINVAL; > + > + if (!sig_params->keyfile || !sig_params->certfile) > + return -EINVAL; > + > + for (i = 0; i < sizeof(sig_params->reserved) / > + sizeof(sig_params->reserved[0]); i++) { > + if (sig_params->reserved[i]) > + return -EINVAL; > + } This can use ARRAY_SIZE(). - Eric
diff --git a/libverity.c b/libverity.c
index 1cef544..e16306d 100644
--- a/libverity.c
+++ b/libverity.c
@@ -494,18 +494,36 @@ libfsverity_sign_digest(const struct libfsverity_digest *digest,
 X509 *cert = NULL;
 const EVP_MD *md;
 size_t data_size;
- uint16_t alg_nr;
- int retval = -EAGAIN;
+ uint16_t alg_nr, digest_size;
+ int i, retval = -EAGAIN;
+ const char magic[8] = "FSVerity";
+
+ if (!digest || !sig_params || !sig_ret || !sig_size_ret)
+ return -EINVAL;
+
+ if (strncmp(digest->magic, magic, sizeof(magic)))
+ return -EINVAL;
+
+ if (!sig_params->keyfile || !sig_params->certfile)
+ return -EINVAL;
+
+ for (i = 0; i < sizeof(sig_params->reserved) /
+ sizeof(sig_params->reserved[0]); i++) {
+ if (sig_params->reserved[i])
+ return -EINVAL;
+ }
+
+ digest_size = le16_to_cpu(digest->digest_size);
+ data_size = sizeof(struct libfsverity_digest) + digest_size;
- data_size = sizeof(struct libfsverity_digest) +
- le16_to_cpu(digest->digest_size);
 alg_nr = le16_to_cpu(digest->digest_algorithm);
 hash_alg = libfsverity_find_hash_alg_by_num(alg_nr);
- if (!hash_alg) {
- retval = -EINVAL;
- goto out;
- }
+ if (!hash_alg)
+ return -EINVAL;
+
+ if (digest_size != hash_alg->digest_size)
+ return -EINVAL;
 pkey = read_private_key(sig_params->keyfile);
 if (!pkey) {
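Review bot: The added magic check `strncmp(digest->magic, magic, sizeof(magic))` compares a fixed 8-byte field against an array that has no NUL terminator, so neither operand is a C string. `if (memcmp(digest->magic, magic, sizeof(magic)))` states the byte-wise comparison directly and does not depend on the field being declared as `char` (its declaration is not visible here). In the reserved-field loop, `int i` is compared against a `size_t` expression, which `-Wsign-compare` flags; declaring the counter as `size_t i` avoids that. The function body starts and ends outside this hunk.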