This patch adds a check of the result from the first crypto_shash_update() in ima_calc_field_array_hash_tfm().
Signed-off-by: Roberto Sassu <[email protected]> Signed-off-by: Mimi Zohar <[email protected]> --- security/integrity/ima/ima_crypto.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security/integrity/ima/ima_crypto.c b/security/integrity/ima/ima_crypto.c index 676e029..e22708b 100644 --- a/security/integrity/ima/ima_crypto.c +++ b/security/integrity/ima/ima_crypto.c @@ -163,6 +163,9 @@ static int ima_calc_field_array_hash_tfm(struct ima_field_data *field_data, rc = crypto_shash_update(&desc.shash, (const u8 *) &field_data[i].len, sizeof(field_data[i].len)); + if (rc) + break; + rc = crypto_shash_update(&desc.shash, field_data[i].data, field_data[i].len); if (rc) -- 1.8.1.4
smime.p7s
Description: S/MIME cryptographic signature
