* [PATCH 1/1] lib: rsa: fix padding_pss_verify
@ 2022-08-31 9:31 Heinrich Schuchardt
2022-08-31 13:46 ` Simon Glass
0 siblings, 1 reply; 3+ messages in thread
From: Heinrich Schuchardt @ 2022-08-31 9:31 UTC (permalink / raw)
To: Tom Rini
Cc: Simon Glass, SESA644425, Alexandru Gagniuc, Jamin Lin,
Philippe Reynes, u-boot, Heinrich Schuchardt
Check the that the hash length is shorter than the message length. This
avoids:
./tools/../lib/rsa/rsa-verify.c:275:11: warning:
‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
275 | db[0] &= 0xff >> leftmost_bits;
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
lib/rsa/rsa-verify.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 1d95cfbdee..255f99be24 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -234,6 +234,9 @@ int padding_pss_verify(struct image_sign_info *info,
uint8_t leftmost_mask;
struct checksum_algo *checksum = info->checksum;
+ if (db_len <= 0)
+ return 1;
+
/* first, allocate everything */
db_mask = malloc(db_len);
db = malloc(db_len);
--
2.37.2
^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH 1/1] lib: rsa: fix padding_pss_verify
2022-08-31 9:31 [PATCH 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
@ 2022-08-31 13:46 ` Simon Glass
2022-08-31 19:03 ` Heinrich Schuchardt
0 siblings, 1 reply; 3+ messages in thread
From: Simon Glass @ 2022-08-31 13:46 UTC (permalink / raw)
To: Heinrich Schuchardt
Cc: Tom Rini, SESA644425, Alexandru Gagniuc, Jamin Lin,
Philippe Reynes, U-Boot Mailing List
Hi Heinrich,
On Wed, 31 Aug 2022 at 03:32, Heinrich Schuchardt
<heinrich.schuchardt@canonical.com> wrote:
>
> Check the that the hash length is shorter than the message length. This
> avoids:
>
> ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
> ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
> 275 | db[0] &= 0xff >> leftmost_bits;
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> lib/rsa/rsa-verify.c | 3 +++
> 1 file changed, 3 insertions(+)
>
> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> index 1d95cfbdee..255f99be24 100644
> --- a/lib/rsa/rsa-verify.c
> +++ b/lib/rsa/rsa-verify.c
> @@ -234,6 +234,9 @@ int padding_pss_verify(struct image_sign_info *info,
> uint8_t leftmost_mask;
> struct checksum_algo *checksum = info->checksum;
>
> + if (db_len <= 0)
> + return 1;
> +
> /* first, allocate everything */
> db_mask = malloc(db_len);
> db = malloc(db_len);
> --
> 2.37.2
>
While you are here can you please add a 'Returns' comment for this
function? I think in this case you are return 1, meaning 'different' ?
Regards,
Simon
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [PATCH 1/1] lib: rsa: fix padding_pss_verify
2022-08-31 13:46 ` Simon Glass
@ 2022-08-31 19:03 ` Heinrich Schuchardt
0 siblings, 0 replies; 3+ messages in thread
From: Heinrich Schuchardt @ 2022-08-31 19:03 UTC (permalink / raw)
To: Simon Glass
Cc: Tom Rini, SESA644425, Alexandru Gagniuc, Jamin Lin,
Philippe Reynes, U-Boot Mailing List
On 8/31/22 15:46, Simon Glass wrote:
> Hi Heinrich,
>
> On Wed, 31 Aug 2022 at 03:32, Heinrich Schuchardt
> <heinrich.schuchardt@canonical.com> wrote:
>>
>> Check the that the hash length is shorter than the message length. This
>> avoids:
>>
>> ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
>> ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
>> 275 | db[0] &= 0xff >> leftmost_bits;
>>
>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>> ---
>> lib/rsa/rsa-verify.c | 3 +++
>> 1 file changed, 3 insertions(+)
>>
>> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
>> index 1d95cfbdee..255f99be24 100644
>> --- a/lib/rsa/rsa-verify.c
>> +++ b/lib/rsa/rsa-verify.c
>> @@ -234,6 +234,9 @@ int padding_pss_verify(struct image_sign_info *info,
>> uint8_t leftmost_mask;
>> struct checksum_algo *checksum = info->checksum;
>>
>> + if (db_len <= 0)
>> + return 1;
>> +
>> /* first, allocate everything */
>> db_mask = malloc(db_len);
>> db = malloc(db_len);
>> --
>> 2.37.2
>>
>
> While you are here can you please add a 'Returns' comment for this
> function? I think in this case you are return 1, meaning 'different' ?
Looking at the rest of the code 0 means ok and non-zero means not ok.
At another code position ret = EINVAL. So let me update the patch.
Best regards
Heinrich
>
> Regards,
> Simon
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-08-31 19:03 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-31 9:31 [PATCH 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
2022-08-31 13:46 ` Simon Glass
2022-08-31 19:03 ` Heinrich Schuchardt
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.