From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.lore.kernel.org (Postfix) with ESMTPS id D1505C6FA8E for ; Mon, 26 Sep 2022 06:24:05 +0000 (UTC) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 0140A84C81; Mon, 26 Sep 2022 08:24:04 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=fail (p=none dis=none) header.from=gmx.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; secure) header.d=gmx.net header.i=@gmx.net header.b="WGBMSDbm"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 1FE1384C85; Mon, 26 Sep 2022 08:24:01 +0200 (CEST) Received: from mout.gmx.net (mout.gmx.net [212.227.15.19]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id C0CC084C69 for ; Mon, 26 Sep 2022 08:23:58 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=gmx.de Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=xypron.glpk@gmx.de DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1664173433; bh=R8BdTmMiWM7nrykb3199CLIOyX1SeOUAbcdyIEOtUvY=; h=X-UI-Sender-Class:Date:Subject:To:Cc:References:From:In-Reply-To; b=WGBMSDbm8646q/eeVp1aOgGWejIXhTgI2iMv/TDgxd72X953A/AJ0aHdmaP8LdCvd 3WiImZjJRkf+If/xEkPjiPjsc6C7bhwk3QSAgJQDnsfwiRCPrbuVX3O7LnUGym0kPP cP/4JKPER449YiCXbBePuPggCpEcZ5q1yXgLNp5I= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from [192.168.123.94] ([84.118.157.2]) by mail.gmx.net (mrgmx004 [212.227.17.190]) with ESMTPSA (Nemesis) id 1N17UW-1pNYuY3UIk-012WhW; Mon, 26 Sep 2022 08:23:52 +0200 Message-ID: <8b8d1f7e-71c0-d071-41f2-6247e7899966@gmx.de> Date: Mon, 26 Sep 2022 08:23:51 +0200 MIME-Version: 1.0 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.3.0 Subject: Re: [PATCH 04/45] rsa: Avoid warning in padding_pss_verify() Content-Language: en-US To: Simon Glass Cc: Tom Rini , Alexandru Gagniuc , Jamin Lin , Philippe Reynes , SESA644425 , U-Boot Mailing List References: <20220925150248.2524421-1-sjg@chromium.org> <20220925150248.2524421-5-sjg@chromium.org> From: Heinrich Schuchardt In-Reply-To: <20220925150248.2524421-5-sjg@chromium.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: quoted-printable X-Provags-ID: V03:K1:irfI9Jo2VF2elHG9FfZlJparkndrZGR8FuWdoL59BaTw/zs1A8d qWiax6qMe+2sEXCBgiyQjPlzf58rd1HHzXtrcndXM4ALdBmC3P5YAvuMA+AUcybqodhf3vo PY/lNjLZUZu4lV7gV/cMQFKGYnONQjVGhKg7PDJdBvAsWPULK8Nds7j1t1eF4loJ0ngywSu 1+MOYR8TC5l0wXsXm55QA== X-UI-Out-Filterresults: notjunk:1;V03:K0:6Rn8zGw+ewE=:d3MoqkJkY3h4nYwHMdxEDN +nNAzUuivjanrqZTaHWz4BXF/X4GUKrdEQ1c1LuIqV9UBLqiGDbZM+lLiH8X0mNKtxna6Plh1 0S95ZNdF1115G1dbOsBxpoPDHYbND1Yf/WRvIzPAnd1j06717/qiZGpPT4EtQb9nn0uolmhby OVzHZWCzEJu/S/2JHMK+1vzm7LupzWQmA/osGn6telk0YxxuTbJ65rM+Nm/xKetWybiC4yGHF ky1FF9czf5gWSOcvXmKLgOvka5osamCFSbBHgM+3ahSPevgnT4+CA4f/LD2z+fzQZss4yB5D2 n8uB9sOJ3+Cq+9Imqu0zRRyXCqHF4lEKJSgIGnm6msV1MSVUWSuku2oSKOGR3bg4nkuMkxJkx SS47HPR08l7edG/6KYZieH8Mnk/PMtbLjGFDwklHEzHH4DMGT9Bbvjyo7QgUnFpnq4X+Vsl5t jrwSIdbpEtqMt4lrDoW42/HHVGLwSMXPFsCllw0KiyF+XDjGce7Dq5ZS1vIG0i7K2TF8vygUU qtbRBxfQWNcyy0qkF0fROn+mjDNYyVaOrLXANCwxvtJXvWmasIlBYH5IA2Npm/nHdm+gEaKYg 56SL5TRfUWGylyPm0gfN/IzoqW6YoBKwIC8fdReAtttPZ223T7id8pndaBbmvERQUmRPUbBAz 1eWozYLyttqRWLrdosDtOIB8fv/pcBE/Yy4vavn/fwBqWW2rS4ewi4HVlwNLHobyJBfm+Ools WgIGuOUsH2p1bI27bCoODzsP0BDuGBacypV2sGgyefl2TsMZr/OIgDiMnKIYT6U3A9dYXfP6B MRFclRSnFeqwa5Nn+WgUDB1iUbPLO/3C77RK6sIO+N6DgOYaS+IImclXDxj6/N7UM1iocjoUb vydAWKYQle+V6J7KeKlQwBER2YBqnYWvhHM6JpVMbKL79ZIvA7f4HTjSeXs/RyWU0kdwBU06A tETuxXFE/vWPchD66FlQrloQHtQp8NJjOVyQo+Jt72qVvYlo/RR+W93tYp67gIXDVzPZc7zAF 4Ghal1hdPPVfJnvtIJDWFEHmmvmowInXTfuCYlHyJXzRnhlcTWIgSgTxIYQKlEWn/P+BCrZa0 UNmhrGVhkGfr3wou3RYlN7j5nYecVGqwRaqPgsBUewIpBjfzln3rghlTmrODF6opI8Y4sPMnl 1DBy9n+BgkpG4Ads8U0vaLCfVy X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.39 Precedence: list List-Id: U-Boot discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" X-Virus-Scanned: clamav-milter 0.103.6 at phobos.denx.de X-Virus-Status: Clean On 9/25/22 17:02, Simon Glass wrote: > With gcc 12 we ge the following warning: %s/ge/get/ > > In file included from tools/lib/rsa/rsa-verify.c:1: > lib/rsa/rsa-verify.c:275:11: warning: =E2=80=98*db=E2=80=99 may be used = uninitialized > 275 | db[0] &=3D 0xff >> leftmost_bits; > > Check the value of db_len to ensure this cannot happen. > > Signed-off-by: Simon Glass > --- > > lib/rsa/rsa-verify.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c > index 1d95cfbdee0..81c39251e59 100644 > --- a/lib/rsa/rsa-verify.c > +++ b/lib/rsa/rsa-verify.c > @@ -234,6 +234,11 @@ int padding_pss_verify(struct image_sign_info *info= , > uint8_t leftmost_mask; > struct checksum_algo *checksum =3D info->checksum; > > + if (db_len <=3D 0) { Why are length fields msg_len, hash_len, db_len signed? I cannot imagine an array with negative length. Any of the parameters msg_len and hash_len being negative would be an error. The check here should be if (msg_len >=3D hash_len) to allow db_len moving to unsigned types. struct padding_algo() should be corrected to use size_t. Best regards Heinrich > + ret =3D -EINVAL; > + goto out; > + } > + > /* first, allocate everything */ > db_mask =3D malloc(db_len); > db =3D malloc(db_len);