* [PATCH v3 7/8] efi_loader: signature: rework for intermediate
@ 2020-07-16 11:39 REITHER Robert - Contractor
2020-07-17 2:10 ` Takahiro Akashi
0 siblings, 1 reply; 2+ messages in thread
From: REITHER Robert - Contractor @ 2020-07-16 11:39 UTC (permalink / raw)
To: u-boot
Hi,
I think I have found a bug in
lib/efi_loader/efi_signature.c
efi_verify_certificate()
+ cert = x509_cert_parse(sig_data->data, sig_data->size);
+ if (!cert) {
+ EFI_PRINT("Cannot parse x509 certificate\n");
+ continue;
+ }
x509_cert_parse() not only returns a pointer, but also embed a linux error_code, so if an error happens there, the (!cert) check will fail!
I suggest using:
- if (!cert) {
+ if (IS_ERR(cert)) {
Regards
Robert
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH v3 7/8] efi_loader: signature: rework for intermediate
2020-07-16 11:39 [PATCH v3 7/8] efi_loader: signature: rework for intermediate REITHER Robert - Contractor
@ 2020-07-17 2:10 ` Takahiro Akashi
0 siblings, 0 replies; 2+ messages in thread
From: Takahiro Akashi @ 2020-07-17 2:10 UTC (permalink / raw)
To: u-boot
On Thu, Jul 16, 2020 at 11:39:36AM +0000, REITHER Robert - Contractor wrote:
> Hi,
>
> I think I have found a bug in
> lib/efi_loader/efi_signature.c
>
> efi_verify_certificate()
>
> + cert = x509_cert_parse(sig_data->data, sig_data->size);
> + if (!cert) {
> + EFI_PRINT("Cannot parse x509 certificate\n");
> + continue;
> + }
>
>
> x509_cert_parse() not only returns a pointer, but also embed a linux error_code, so if an error happens there, the (!cert) check will fail!
>
> I suggest using:
>
> - if (!cert) {
> + if (IS_ERR(cert)) {
That's correct.
Can you post a fix patch, please?
# There was the same problem with pkcs7_parse_message(),
# and I have fixed it before.
Thanks,
-Takahiro Akashi
>
> Regards
> Robert
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-07-17 2:10 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-07-16 11:39 [PATCH v3 7/8] efi_loader: signature: rework for intermediate REITHER Robert - Contractor
2020-07-17 2:10 ` Takahiro Akashi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.