All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH 1/1] lib: rsa: fix padding_pss_verify
@ 2022-08-31  9:31 Heinrich Schuchardt
  2022-08-31 13:46 ` Simon Glass
  0 siblings, 1 reply; 3+ messages in thread
From: Heinrich Schuchardt @ 2022-08-31  9:31 UTC (permalink / raw)
  To: Tom Rini
  Cc: Simon Glass, SESA644425, Alexandru Gagniuc, Jamin Lin,
	Philippe Reynes, u-boot, Heinrich Schuchardt

Check the that the hash length is shorter than the message length. This
avoids:

    ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
    ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
      275 |         db[0] &= 0xff >> leftmost_bits;

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
 lib/rsa/rsa-verify.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 1d95cfbdee..255f99be24 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -234,6 +234,9 @@ int padding_pss_verify(struct image_sign_info *info,
 	uint8_t leftmost_mask;
 	struct checksum_algo *checksum = info->checksum;
 
+	if (db_len <= 0)
+		return 1;
+
 	/* first, allocate everything */
 	db_mask = malloc(db_len);
 	db = malloc(db_len);
-- 
2.37.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH 1/1] lib: rsa: fix padding_pss_verify
  2022-08-31  9:31 [PATCH 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
@ 2022-08-31 13:46 ` Simon Glass
  2022-08-31 19:03   ` Heinrich Schuchardt
  0 siblings, 1 reply; 3+ messages in thread
From: Simon Glass @ 2022-08-31 13:46 UTC (permalink / raw)
  To: Heinrich Schuchardt
  Cc: Tom Rini, SESA644425, Alexandru Gagniuc, Jamin Lin,
	Philippe Reynes, U-Boot Mailing List

Hi Heinrich,

On Wed, 31 Aug 2022 at 03:32, Heinrich Schuchardt
<heinrich.schuchardt@canonical.com> wrote:
>
> Check the that the hash length is shorter than the message length. This
> avoids:
>
>     ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
>     ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
>       275 |         db[0] &= 0xff >> leftmost_bits;
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
>  lib/rsa/rsa-verify.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
> index 1d95cfbdee..255f99be24 100644
> --- a/lib/rsa/rsa-verify.c
> +++ b/lib/rsa/rsa-verify.c
> @@ -234,6 +234,9 @@ int padding_pss_verify(struct image_sign_info *info,
>         uint8_t leftmost_mask;
>         struct checksum_algo *checksum = info->checksum;
>
> +       if (db_len <= 0)
> +               return 1;
> +
>         /* first, allocate everything */
>         db_mask = malloc(db_len);
>         db = malloc(db_len);
> --
> 2.37.2
>

While you are here can you please add a 'Returns' comment for this
function? I think in this case you are return 1, meaning 'different' ?

Regards,
Simon

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH 1/1] lib: rsa: fix padding_pss_verify
  2022-08-31 13:46 ` Simon Glass
@ 2022-08-31 19:03   ` Heinrich Schuchardt
  0 siblings, 0 replies; 3+ messages in thread
From: Heinrich Schuchardt @ 2022-08-31 19:03 UTC (permalink / raw)
  To: Simon Glass
  Cc: Tom Rini, SESA644425, Alexandru Gagniuc, Jamin Lin,
	Philippe Reynes, U-Boot Mailing List



On 8/31/22 15:46, Simon Glass wrote:
> Hi Heinrich,
> 
> On Wed, 31 Aug 2022 at 03:32, Heinrich Schuchardt
> <heinrich.schuchardt@canonical.com> wrote:
>>
>> Check the that the hash length is shorter than the message length. This
>> avoids:
>>
>>      ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
>>      ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
>>        275 |         db[0] &= 0xff >> leftmost_bits;
>>
>> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
>> ---
>>   lib/rsa/rsa-verify.c | 3 +++
>>   1 file changed, 3 insertions(+)
>>
>> diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
>> index 1d95cfbdee..255f99be24 100644
>> --- a/lib/rsa/rsa-verify.c
>> +++ b/lib/rsa/rsa-verify.c
>> @@ -234,6 +234,9 @@ int padding_pss_verify(struct image_sign_info *info,
>>          uint8_t leftmost_mask;
>>          struct checksum_algo *checksum = info->checksum;
>>
>> +       if (db_len <= 0)
>> +               return 1;
>> +
>>          /* first, allocate everything */
>>          db_mask = malloc(db_len);
>>          db = malloc(db_len);
>> --
>> 2.37.2
>>
> 
> While you are here can you please add a 'Returns' comment for this
> function? I think in this case you are return 1, meaning 'different' ?

Looking at the rest of the code 0 means ok and non-zero means not ok.

At another code position ret = EINVAL. So let me update the patch.

Best regards

Heinrich

> 
> Regards,
> Simon

^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-08-31 19:03 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-31  9:31 [PATCH 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
2022-08-31 13:46 ` Simon Glass
2022-08-31 19:03   ` Heinrich Schuchardt

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.