* [PATCH u-boot v2019.04-aspeed-openbmc] as2600/scu: Fix printing of security info
@ 2022-03-10 4:58 Joel Stanley
0 siblings, 0 replies; only message in thread
From: Joel Stanley @ 2022-03-10 4:58 UTC (permalink / raw)
To: openbmc; +Cc: Johnny Huang
The current code misses initialising the char buffer 'alg' to zero,
causing the sprintf to potentially write past the end of the buffer.
Most of the time strlen happened upon a 0 early in the buffer, and the
resulting string would be constructed in bounds:
Secure Boot: Mode_2, m��ERSA4096_SHA512
Avoid the issue by not constructing the string in memory. Instead print
it out as the bits are parsed.
Fixes: dd27b24b13d5 ("ARM: Aspeed: update secure boot information")
Signed-off-by: Joel Stanley <joel@jms.id.au>
---
arch/arm/mach-aspeed/ast2600/scu_info.c | 22 +++++++++++-----------
1 file changed, 11 insertions(+), 11 deletions(-)
diff --git a/arch/arm/mach-aspeed/ast2600/scu_info.c b/arch/arm/mach-aspeed/ast2600/scu_info.c
index 606b2445e7de..a2277eec584d 100644
--- a/arch/arm/mach-aspeed/ast2600/scu_info.c
+++ b/arch/arm/mach-aspeed/ast2600/scu_info.c
@@ -95,7 +95,6 @@ void aspeed_print_security_info(void)
u32 sb_sts = readl(ASPEED_SB_STS);
u32 hash;
u32 rsa;
- char alg[20];
if (!(sb_sts & BIT(6)))
return;
@@ -104,38 +103,39 @@ void aspeed_print_security_info(void)
hash = (qsr >> 10) & 3;
rsa = (qsr >> 12) & 3;
+ printf("Mode_2, ");
+
if (qsr & BIT(27)) {
- sprintf(alg + strlen(alg), "AES_");
+ printf("AES_");
}
switch (rsa) {
case 0:
- sprintf(alg + strlen(alg), "RSA1024_");
+ printf("RSA1024_");
break;
case 1:
- sprintf(alg + strlen(alg), "RSA2048_");
+ printf("RSA2048_");
break;
case 2:
- sprintf(alg + strlen(alg), "RSA3072_");
+ printf("RSA3072_");
break;
default:
- sprintf(alg + strlen(alg), "RSA4096_");
+ printf("RSA4096_");
break;
}
switch (hash) {
case 0:
- sprintf(alg + strlen(alg), "SHA224");
+ printf("SHA224\n");
break;
case 1:
- sprintf(alg + strlen(alg), "SHA256");
+ printf("SHA256\n");
break;
case 2:
- sprintf(alg + strlen(alg), "SHA384");
+ printf("SHA384\n");
break;
default:
- sprintf(alg + strlen(alg), "SHA512");
+ printf("SHA512\n");
break;
}
- printf("Mode_2, %s\n", alg);
} else {
printf("Mode_GCM\n");
return;
--
2.34.1
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2022-03-10 4:58 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-03-10 4:58 [PATCH u-boot v2019.04-aspeed-openbmc] as2600/scu: Fix printing of security info Joel Stanley
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).