libkmod: consider empty signature key as invalid A segmentation fault occurs if a module has an empty key attached to its signature. This is mostly likely due to a corrupted module. The crash happens because kmod_module_get_info() assumes that kmod_module_signature_info() returns a signature of at least 1 byte. The fix is based on a patch from Tobias Stoeckmann <tobias@stoeckmann.org>, but rather than changing kmod_module_get_info() to fix the crash, this changes kmod_module_signature_info() to consider the signature as invalid.

commit: dcbe1846e824da3cc9facbb27691adb79cdee24a [log] [tgz]
author: Lucas De Marchi <lucas.demarchi@intel.com> Wed Feb 18 16:15:45 2015 -0200
committer: Lucas De Marchi <lucas.demarchi@intel.com> Wed Feb 18 16:15:45 2015 -0200
tree: 39edd5c7fdad07b9ef9d60e35775f774a72bd17f
parent: 40ef6e69bb13522b961767d81f44aec0e83a7462 [diff]
diff --git a/libkmod/libkmod-signature.c b/libkmod/libkmod-signature.c
index 2260cc6..5577305 100644
--- a/libkmod/libkmod-signature.c
+++ b/libkmod/libkmod-signature.c

@@ -124,7 +124,8 @@
 			modsig->id_type >= PKEY_ID_TYPE__LAST)
 		return false;
 	sig_len = be32toh(get_unaligned(&modsig->sig_len));
-	if (size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len))
+	if (sig_len == 0 ||
+	    size < (int64_t)(modsig->signer_len + modsig->key_id_len + sig_len))
 		return false;
 
 	size -= modsig->key_id_len + sig_len;
commit	dcbe1846e824da3cc9facbb27691adb79cdee24a	[log] [tgz]
author	Lucas De Marchi <lucas.demarchi@intel.com>	Wed Feb 18 16:15:45 2015 -0200
committer	Lucas De Marchi <lucas.demarchi@intel.com>	Wed Feb 18 16:15:45 2015 -0200
tree	39edd5c7fdad07b9ef9d60e35775f774a72bd17f
parent	40ef6e69bb13522b961767d81f44aec0e83a7462 [diff]