All of lore.kernel.org
 help / color / mirror / Atom feed
* efi_loader: pkcs7_parse_message() returns error pointer
@ 2020-05-07  0:17 Patrick Wildt
  2020-05-07 14:47 ` Heinrich Schuchardt
  2020-05-07 16:02 ` Heinrich Schuchardt
  0 siblings, 2 replies; 4+ messages in thread
From: Patrick Wildt @ 2020-05-07  0:17 UTC (permalink / raw)
  To: u-boot

Since pkcs7_parse_message() returns an error pointer, we must not
check for NULL.  We have to explicitly set msg to NULL in the error
case, otherwise the call to pkcs7_free_message() on the goto err
path will assume it's a valid object.

Signed-off-by: Patrick Wildt <patrick@blueri.se>

diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
index 5a9a6424cc..43a53d3dd1 100644
--- a/lib/efi_loader/efi_image_loader.c
+++ b/lib/efi_loader/efi_image_loader.c
@@ -538,8 +538,9 @@ static bool efi_image_authenticate(void *efi, size_t efi_size)
 		}
 		msg = pkcs7_parse_message((void *)wincert + sizeof(*wincert),
 					  wincert->dwLength - sizeof(*wincert));
-		if (!msg) {
+		if (IS_ERR(msg)) {
 			debug("Parsing image's signature failed\n");
+			msg = NULL;
 			goto err;
 		}
 

^ permalink raw reply related	[flat|nested] 4+ messages in thread
* efi_loader: pkcs7_parse_message() returns error pointer
  2020-05-07  0:17 efi_loader: pkcs7_parse_message() returns error pointer Patrick Wildt
@ 2020-05-07 14:47 ` Heinrich Schuchardt
  2020-05-07 23:53   ` AKASHI Takahiro
  2020-05-07 16:02 ` Heinrich Schuchardt
  1 sibling, 1 reply; 4+ messages in thread
From: Heinrich Schuchardt @ 2020-05-07 14:47 UTC (permalink / raw)
  To: u-boot

On 07.05.20 02:17, Patrick Wildt wrote:
> Since pkcs7_parse_message() returns an error pointer, we must not
> check for NULL.  We have to explicitly set msg to NULL in the error
> case, otherwise the call to pkcs7_free_message() on the goto err
> path will assume it's a valid object.

@Takahiro
I think we should start documenting the library functions properly. The
description in lib/crypto/pkcs7_parser.c does not conform to
https://www.kernel.org/doc/html/latest/doc-guide/kernel-doc.html#function-documentation
Especially we should describe how errors are returned.

Best regards

Heinrich

>
> Signed-off-by: Patrick Wildt <patrick@blueri.se>
>
> diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
> index 5a9a6424cc..43a53d3dd1 100644
> --- a/lib/efi_loader/efi_image_loader.c
> +++ b/lib/efi_loader/efi_image_loader.c
> @@ -538,8 +538,9 @@ static bool efi_image_authenticate(void *efi, size_t efi_size)
>  		}
>  		msg = pkcs7_parse_message((void *)wincert + sizeof(*wincert),
>  					  wincert->dwLength - sizeof(*wincert));
> -		if (!msg) {
> +		if (IS_ERR(msg)) {
>  			debug("Parsing image's signature failed\n");
> +			msg = NULL;
>  			goto err;
>  		}
>
>

^ permalink raw reply	[flat|nested] 4+ messages in thread
* efi_loader: pkcs7_parse_message() returns error pointer
  2020-05-07  0:17 efi_loader: pkcs7_parse_message() returns error pointer Patrick Wildt
  2020-05-07 14:47 ` Heinrich Schuchardt
@ 2020-05-07 16:02 ` Heinrich Schuchardt
  1 sibling, 0 replies; 4+ messages in thread
From: Heinrich Schuchardt @ 2020-05-07 16:02 UTC (permalink / raw)
  To: u-boot

On 07.05.20 02:17, Patrick Wildt wrote:
> Since pkcs7_parse_message() returns an error pointer, we must not
> check for NULL.  We have to explicitly set msg to NULL in the error
> case, otherwise the call to pkcs7_free_message() on the goto err
> path will assume it's a valid object.
>
> Signed-off-by: Patrick Wildt <patrick@blueri.se>
>
> diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
> index 5a9a6424cc..43a53d3dd1 100644
> --- a/lib/efi_loader/efi_image_loader.c
> +++ b/lib/efi_loader/efi_image_loader.c
> @@ -538,8 +538,9 @@ static bool efi_image_authenticate(void *efi, size_t efi_size)
>  		}
>  		msg = pkcs7_parse_message((void *)wincert + sizeof(*wincert),
>  					  wincert->dwLength - sizeof(*wincert));
> -		if (!msg) {
> +		if (IS_ERR(msg)) {

Compiling with sandbox_defconfig results in:

lib/efi_loader/efi_image_loader.c: In function ?efi_image_authenticate?:
lib/efi_loader/efi_image_loader.c:541:7: warning: implicit declaration
of function ?IS_ERR? [-Wimplicit-function-declaration]
  541 |   if (IS_ERR(msg)) {
      |       ^~~~~~


I will add the missing #include <linux/err.h> when merging.

Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>

>  			debug("Parsing image's signature failed\n");
> +			msg = NULL;
>  			goto err;
>  		}
>
>

^ permalink raw reply	[flat|nested] 4+ messages in thread
* efi_loader: pkcs7_parse_message() returns error pointer
  2020-05-07 14:47 ` Heinrich Schuchardt
@ 2020-05-07 23:53   ` AKASHI Takahiro
  0 siblings, 0 replies; 4+ messages in thread
From: AKASHI Takahiro @ 2020-05-07 23:53 UTC (permalink / raw)
  To: u-boot

Heinrich,

On Thu, May 07, 2020 at 04:47:22PM +0200, Heinrich Schuchardt wrote:
> On 07.05.20 02:17, Patrick Wildt wrote:
> > Since pkcs7_parse_message() returns an error pointer, we must not
> > check for NULL.  We have to explicitly set msg to NULL in the error
> > case, otherwise the call to pkcs7_free_message() on the goto err
> > path will assume it's a valid object.
> 
> @Takahiro
> I think we should start documenting the library functions properly. The

Generally I agree, but

> description in lib/crypto/pkcs7_parser.c does not conform to
> https://www.kernel.org/doc/html/latest/doc-guide/kernel-doc.html#function-documentation
> Especially we should describe how errors are returned.

Remember that this file, as well as others under lib/crypto, was
imported from linux kernel source.
I made a minimum set of changes to align it with U-Boot code.
So I'm rather reluctant to modify the file.

Thanks,
-Takahiro Akashi

> Best regards
> 
> Heinrich
> 
> >
> > Signed-off-by: Patrick Wildt <patrick@blueri.se>
> >
> > diff --git a/lib/efi_loader/efi_image_loader.c b/lib/efi_loader/efi_image_loader.c
> > index 5a9a6424cc..43a53d3dd1 100644
> > --- a/lib/efi_loader/efi_image_loader.c
> > +++ b/lib/efi_loader/efi_image_loader.c
> > @@ -538,8 +538,9 @@ static bool efi_image_authenticate(void *efi, size_t efi_size)
> >  		}
> >  		msg = pkcs7_parse_message((void *)wincert + sizeof(*wincert),
> >  					  wincert->dwLength - sizeof(*wincert));
> > -		if (!msg) {
> > +		if (IS_ERR(msg)) {
> >  			debug("Parsing image's signature failed\n");
> > +			msg = NULL;
> >  			goto err;
> >  		}
> >
> >
> 

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2020-05-07 23:53 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-05-07  0:17 efi_loader: pkcs7_parse_message() returns error pointer Patrick Wildt
2020-05-07 14:47 ` Heinrich Schuchardt
2020-05-07 23:53   ` AKASHI Takahiro
2020-05-07 16:02 ` Heinrich Schuchardt

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.