[RESEND,PATCH 5/7] ima: Fix datalen check in ima_write_data()

18 Aug 2020

hulk inclusion
category: feature
feature: digest-lists
---------------------------
This patch avoids a possible overflow of datalen when it is checked at the
beginning of ima_write_data().
Signed-off-by: Roberto Sassu roberto.sassu@huawei.com
---
 security/integrity/ima/ima_fs.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/security/integrity/ima/ima_fs.c b/security/integrity/ima/ima_fs.c
index 8c28ff907aa7..a5f87fcdf731 100644
--- a/security/integrity/ima/ima_fs.c
+++ b/security/integrity/ima/ima_fs.c
@@ -361,7 +361,7 @@ static ssize_t ima_write_data(struct file *file, const char __user *buf,
    	goto out;
result = -EFBIG;
-	if (datalen + 1 > 64 * 1024 * 1024)
+	if (datalen > 64 * 1024 * 1024 - 1)
    	goto out;
result = -ENOMEM;
-- 
2.27.GIT

    

2024

2023

2022

2021

2020

2019

[RESEND,PATCH 5/7] ima: Fix datalen check in ima_write_data()