Check for return size in enc_untrusted_read

Check return size does not exceed requested. The returned result and content still cannot be trusted, but it's expected behavior when not using a secure file system. PiperOrigin-RevId: 333827386 Change-Id: I0bdec0aec9356ea333dc8c647eba5d2772875f29
google · Sep 25, 2020 · b1d120a · b1d120a
1 parent 8fed5e3
commit b1d120a
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/asylo/platform/host_call/trusted/host_calls.cc b/asylo/platform/host_call/trusted/host_calls.cc
@@ -226,8 +226,13 @@ int enc_untrusted_rename(const char *oldpath, const char *newpath) {
 }
 
 ssize_t enc_untrusted_read(int fd, void *buf, size_t count) {
-  return static_cast<ssize_t>(EnsureInitializedAndDispatchSyscall(
+  ssize_t ret = static_cast<ssize_t>(EnsureInitializedAndDispatchSyscall(
       asylo::system_call::kSYS_read, fd, buf, count));
+  if (ret != -1 && ret > count) {
+    ::asylo::primitives::TrustedPrimitives::BestEffortAbort(
+        "enc_untrusted_read: read result exceeds requested");
+  }
+  return ret;
 }
 
 ssize_t enc_untrusted_write(int fd, const void *buf, size_t count) {