[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20220518093829.2248801-1-chris.zjh@huawei.com>
Date: Wed, 18 May 2022 17:38:29 +0800
From: Zhang Jianhua <chris.zjh@...wei.com>
To: <ebiggers@...nel.org>, <tytso@....edu>
CC: <linux-fscrypt@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH -next] fs-verity: Use struct_size() helper in fsverity_ioctl_measure()
Make use of the struct_size() helper instead of an open-coded version,
in order to avoid any potential type mistakes or integer overflows that,
in the worst scenario, could lead to heap overflows.
Also, address the following sparse warnings:
fs/verity/measure.c:48:9: warning: using sizeof on a flexible structure
fs/verity/measure.c:52:38: warning: using sizeof on a flexible structure
Signed-off-by: Zhang Jianhua <chris.zjh@...wei.com>
---
fs/verity/measure.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/fs/verity/measure.c b/fs/verity/measure.c
index e99c00350c28..4a388116d0de 100644
--- a/fs/verity/measure.c
+++ b/fs/verity/measure.c
@@ -27,6 +27,7 @@ int fsverity_ioctl_measure(struct file *filp, void __user *_uarg)
const struct fsverity_info *vi;
const struct fsverity_hash_alg *hash_alg;
struct fsverity_digest arg;
+ size_t arg_size = struct_size(&arg, digest, 0);
vi = fsverity_get_info(inode);
if (!vi)
@@ -44,11 +45,11 @@ int fsverity_ioctl_measure(struct file *filp, void __user *_uarg)
if (arg.digest_size < hash_alg->digest_size)
return -EOVERFLOW;
- memset(&arg, 0, sizeof(arg));
+ memset(&arg, 0, arg_size);
arg.digest_algorithm = hash_alg - fsverity_hash_algs;
arg.digest_size = hash_alg->digest_size;
- if (copy_to_user(uarg, &arg, sizeof(arg)))
+ if (copy_to_user(uarg, &arg, arg_size))
return -EFAULT;
if (copy_to_user(uarg->digest, vi->file_digest, hash_alg->digest_size))
--
2.31.0
Powered by blists - more mailing lists