pts: Avoid integer overflow when reading file names in the old IMA format
authorTobias Brunner <tobias@strongswan.org>
Tue, 1 Jul 2014 10:37:25 +0000 (12:37 +0200)
committerTobias Brunner <tobias@strongswan.org>
Tue, 1 Jul 2014 15:58:36 +0000 (17:58 +0200)
src/libpts/pts/pts_ima_event_list.c

index 9959fb3..9bff465 100644 (file)
@@ -298,7 +298,7 @@ pts_ima_event_list_t* pts_ima_event_list_create(char *file)
                        }
 
                        /* read the 32 bit length of the file name in host order */
-                       if (read(fd, &name_len, 4) != 4)
+                       if (read(fd, &name_len, 4) != 4 || name_len == UINT32_MAX)
                        {
                                error = "invalid filename field length";
                                break;