* [PATCH ima-evm-utils 1/3] Fix out-of-bounds read
@ 2021-07-16 14:05 Mimi Zohar
  2021-07-16 14:05 ` [PATCH ima-evm-utils 2/3] Address "ignoring number of bytes read" messages Mimi Zohar
  2021-07-16 14:05 ` [PATCH ima-evm-utils 3/3] Remove unnecessary NULL pointer test Mimi Zohar
  0 siblings, 2 replies; 3+ messages in thread
From: Mimi Zohar @ 2021-07-16 14:05 UTC (permalink / raw)
  To: linux-integrity; +Cc: Mimi Zohar

Coverity reported "overrunning an array".  Properly clear only the
remaining unused buffer memory.

Fixes: 874c0fd45cab ("EVM hmac calculation")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 src/evmctl.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/evmctl.c b/src/evmctl.c
index 04f14af9ab29..e1464ade4837 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -1108,7 +1108,8 @@ static int calc_evm_hmac(const char *file, const char *keyfile, unsigned char *h
 
 	/* EVM key is 128 bytes */
 	memcpy(evmkey, key, keylen);
-	memset(evmkey + keylen, 0, sizeof(evmkey) - keylen);
+	if (keylen < sizeof(evmkey))
+		memset(evmkey + keylen, 0, sizeof(evmkey) - keylen);
 
 	if (lstat(file, &st)) {
 		log_err("Failed to stat: %s\n", file);
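Review bot: The new `keylen < sizeof(evmkey)` test guards only the memset, while the memcpy(evmkey, key, keylen) on the context line above it still copies keylen bytes unconditionally. If keylen can exceed sizeof(evmkey), the buffer has already been overrun by the memcpy before this test is reached, so unless keylen is bounded earlier in calc_evm_hmac() (not visible in this hunk), reject an oversized key before the copy, for example with `if (keylen > sizeof(evmkey))` and an error return. The guarded call is also a memset, so the access being avoided is an out-of-bounds write, not the read named in the subject line.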
-- 
2.27.0



* [PATCH ima-evm-utils 2/3] Address "ignoring number of bytes read" messages
  2021-07-16 14:05 [PATCH ima-evm-utils 1/3] Fix out-of-bounds read Mimi Zohar
@ 2021-07-16 14:05 ` Mimi Zohar
  2021-07-16 14:05 ` [PATCH ima-evm-utils 3/3] Remove unnecessary NULL pointer test Mimi Zohar
  1 sibling, 0 replies; 3+ messages in thread
From: Mimi Zohar @ 2021-07-16 14:05 UTC (permalink / raw)
  To: linux-integrity; +Cc: Mimi Zohar

Coverity complains about the existing "if (!fread(....))" and inverse
syntax.  Change it to make Coverity happy.

Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 src/evmctl.c    | 4 ++--
 src/libimaevm.c | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/evmctl.c b/src/evmctl.c
index e1464ade4837..23be73d9bb97 100644
--- a/src/evmctl.c
+++ b/src/evmctl.c
@@ -2011,7 +2011,7 @@ static int ima_measurement(const char *file)
 		}
 	}
 
-	while (fread(&entry.header, sizeof(entry.header), 1, fp)) {
+	while (fread(&entry.header, sizeof(entry.header), 1, fp) == 1) {
 		entry_num++;
 		if (entry.header.pcr >= NUM_PCRS) {
 			log_err("Invalid PCR %d.\n", entry.header.pcr);
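Review bot: The `== 1` loop condition in ima_measurement() ends the loop the same way for a clean end of file, a truncated final header and an I/O error, so a cut-short measurement list is handled as if it were complete. If the code after the loop does not already do so, test ferror(fp) there and fail the verification instead of reporting a result for a partial list.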
@@ -2233,7 +2233,7 @@ static int read_binary_bios_measurements(char *file, struct tpm_bank_info *bank)
 		log_info("Reading the TPM 1.2 event log %s.\n", file);
 
 	/* Extend the pseudo TPM PCRs with the event digest */
-	while (fread(&event, sizeof(event.header), 1, fp)) {
+	while (fread(&event, sizeof(event.header), 1, fp) == 1) {
 		if (imaevm_params.verbose > LOG_INFO) {
 			log_info("%02u ", event.header.pcr);
 			log_dump(event.header.digest, SHA_DIGEST_LENGTH);
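Review bot: In read_binary_bios_measurements() the fread destination is `&event` while the size is `sizeof(event.header)`, so the pointer and the length refer to different objects and the call is correct only as long as header stays the first member of the event structure. Since this line is being touched anyway, pass `&event.header` as the destination, matching the `&entry.header` / `sizeof(entry.header)` pairing used in ima_measurement().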
diff --git a/src/libimaevm.c b/src/libimaevm.c
index 6591d20c7662..261712717368 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -156,7 +156,7 @@ static int add_file_hash(const char *file, EVP_MD_CTX *ctx)
 
 	for (size = stats.st_size; size; size -= len) {
 		len = MIN(size, bs);
-		if (!fread(data, len, 1, fp)) {
+		if (fread(data, len, 1, fp) != 1) {
 			if (ferror(fp)) {
 				log_err("fread() failed\n\n");
 				goto out;
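Review bot: In add_file_hash(), `fread(data, len, 1, fp)` asks for one item of len bytes, so it can only return 0 or 1 and the number of bytes actually read is still not available after this change. A short read, for example when the file shrinks after the stat that set size, is only distinguishable from an error through the ferror(fp) branch shown here. Consider `fread(data, 1, len, fp)` and comparing the result with len, so a short read is detected explicitly and never fed to the digest as a full block. The log_err string on the context line also ends in a doubled "\n\n".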
-- 
2.27.0



* [PATCH ima-evm-utils 3/3] Remove unnecessary NULL pointer test
  2021-07-16 14:05 [PATCH ima-evm-utils 1/3] Fix out-of-bounds read Mimi Zohar
  2021-07-16 14:05 ` [PATCH ima-evm-utils 2/3] Address "ignoring number of bytes read" messages Mimi Zohar
@ 2021-07-16 14:05 ` Mimi Zohar
  1 sibling, 0 replies; 3+ messages in thread
From: Mimi Zohar @ 2021-07-16 14:05 UTC (permalink / raw)
  To: linux-integrity; +Cc: Mimi Zohar

Remove the "Logically dead code (DEADCODE)" as reported by Coverity.

Fixes: 9c79b7de7231 ("ima-evm-utils: support verifying the measurement list using multiple keys")
Signed-off-by: Mimi Zohar <zohar@linux.ibm.com>
---
 src/libimaevm.c | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/libimaevm.c b/src/libimaevm.c
index 261712717368..925c3cccf964 100644
--- a/src/libimaevm.c
+++ b/src/libimaevm.c
@@ -392,8 +392,6 @@ void init_public_keys(const char *keyfiles)
 	keyfiles_free = tmp_keyfiles;
 
 	while ((keyfile = strsep(&tmp_keyfiles, ", \t")) != NULL) {
-		if (!keyfile)
-			break;
 		if ((*keyfile == '\0') || (*keyfile == ' ') ||
 		    (*keyfile == '\t'))
 			continue;
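Review bot: The `(*keyfile == ' ') || (*keyfile == '\t')` tests left in init_public_keys() are dead for the same reason as the removed NULL test. strsep() is called with the delimiter set ", \t", so a returned token never contains a space or a tab and can only be empty or start with a non-delimiter character. The condition can be reduced to `if (*keyfile == '\0') continue;` in this same patch.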
-- 
2.27.0

