forked from Minki/linux
integrity: add validity checks for 'path' parameter
This patch adds validity checks for 'path' parameter and makes it const. Signed-off-by: Dmitry Kasatkin <d.kasatkin@samsung.com> Signed-off-by: Mimi Zohar <zohar@linux.vnet.ibm.com>
This commit is contained in:
parent
f2b3dee484
commit
9d03a721a3
@ -85,7 +85,7 @@ int __init integrity_init_keyring(const unsigned int id)
|
||||
return err;
|
||||
}
|
||||
|
||||
int __init integrity_load_x509(const unsigned int id, char *path)
|
||||
int __init integrity_load_x509(const unsigned int id, const char *path)
|
||||
{
|
||||
key_ref_t key;
|
||||
char *data;
|
||||
|
@ -213,6 +213,9 @@ int __init integrity_read_file(const char *path, char **data)
|
||||
char *buf;
|
||||
int rc = -EINVAL;
|
||||
|
||||
if (!path || !*path)
|
||||
return -EINVAL;
|
||||
|
||||
file = filp_open(path, O_RDONLY, 0);
|
||||
if (IS_ERR(file)) {
|
||||
rc = PTR_ERR(file);
|
||||
|
@ -135,7 +135,7 @@ int integrity_digsig_verify(const unsigned int id, const char *sig, int siglen,
|
||||
const char *digest, int digestlen);
|
||||
|
||||
int __init integrity_init_keyring(const unsigned int id);
|
||||
int __init integrity_load_x509(const unsigned int id, char *path);
|
||||
int __init integrity_load_x509(const unsigned int id, const char *path);
|
||||
#else
|
||||
|
||||
static inline int integrity_digsig_verify(const unsigned int id,
|
||||
|
Loading…
Reference in New Issue
Block a user