diff options
author | Martijn Coenen <maco@google.com> | 2021-07-22 03:24:28 +0200 |
---|---|---|
committer | Martijn Coenen <maco@google.com> | 2021-07-22 10:59:33 +0200 |
commit | 2ac2bbb546b8028c2c7f5a9a7567a477eaa6ce64 (patch) | |
tree | 99888ec7be55a24ab303aa12f139569200f9d98f | |
parent | 4791ea8bed6db8bfbd80f662e6344a25de18d4e7 (diff) | |
download | security-2ac2bbb546b8028c2c7f5a9a7567a477eaa6ce64.tar.gz |
Fix makeUniqueWithTrailingData.
And do some additional checking on the generated verity digest size.
Bug: 194334498
Test: TH, atest odsign_e2e_tests on hwasan build
Change-Id: If2ae3edc5427b4315d4be63663ab3ac4006f91e8
Merged-In: If2ae3edc5427b4315d4be63663ab3ac4006f91e8
-rw-r--r-- | ondevice-signing/VerityUtils.cpp | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/ondevice-signing/VerityUtils.cpp b/ondevice-signing/VerityUtils.cpp index 3d5243a6..0bb3979d 100644 --- a/ondevice-signing/VerityUtils.cpp +++ b/ondevice-signing/VerityUtils.cpp @@ -94,7 +94,12 @@ Result<std::vector<uint8_t>> createDigest(const std::string& path) { if (ret < 0) { return ErrnoError() << "Failed to compute fs-verity digest for " << path; } - std::vector<uint8_t> digestVector(&digest->digest[0], &digest->digest[32]); + int expected_digest_size = libfsverity_get_digest_size(FS_VERITY_HASH_ALG_SHA256); + if (digest->digest_size != expected_digest_size) { + return Error() << "Digest does not have expected size: " << expected_digest_size + << " actual: " << digest->digest_size; + } + std::vector<uint8_t> digestVector(&digest->digest[0], &digest->digest[expected_digest_size]); free(digest); return digestVector; } @@ -114,7 +119,7 @@ template <typename T> using trailing_unique_ptr = std::unique_ptr<T, DeleteAsPOD template <typename T> static trailing_unique_ptr<T> makeUniqueWithTrailingData(size_t trailing_data_size) { - uint8_t* memory = new uint8_t[sizeof(T*) + trailing_data_size]; + uint8_t* memory = new uint8_t[sizeof(T) + trailing_data_size]; T* ptr = new (memory) T; return trailing_unique_ptr<T>{ptr}; } |