u-boot.lists.denx.de archive mirror
 help / color / mirror / Atom feed
* [PATCH v2 1/1] lib: rsa: fix padding_pss_verify
@ 2022-08-31 19:13 Heinrich Schuchardt
  2022-08-31 19:23 ` Simon Glass
  2022-09-15 14:01 ` Tom Rini
  0 siblings, 2 replies; 3+ messages in thread
From: Heinrich Schuchardt @ 2022-08-31 19:13 UTC (permalink / raw)
  To: Tom Rini
  Cc: Simon Glass, SESA644425, Alexandru Gagniuc, Jamin Lin,
	Philippe Reynes, u-boot, Heinrich Schuchardt

Check the that the hash length is shorter than the message length. This
avoids:

    ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
    ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
      275 |         db[0] &= 0xff >> leftmost_bits;

Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
---
v2:
	Use -EINVAL to indicate incorrect parameters.
	Add description of return value.
---
 lib/rsa/rsa-verify.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 1d95cfbdee..f13cd23cf2 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -215,6 +215,8 @@ out:
  * @msg_len:	Message length
  * @hash:	Pointer to the expected hash
  * @hash_len:	Length of the hash
+ *
+ * Return:	0 if padding is correct, non-zero otherwise
  */
 int padding_pss_verify(struct image_sign_info *info,
 		       const uint8_t *msg, int msg_len,
@@ -234,6 +236,9 @@ int padding_pss_verify(struct image_sign_info *info,
 	uint8_t leftmost_mask;
 	struct checksum_algo *checksum = info->checksum;
 
+	if (db_len <= 0)
+		return -EINVAL;
+
 	/* first, allocate everything */
 	db_mask = malloc(db_len);
 	db = malloc(db_len);
-- 
2.37.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH v2 1/1] lib: rsa: fix padding_pss_verify
  2022-08-31 19:13 [PATCH v2 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
@ 2022-08-31 19:23 ` Simon Glass
  2022-09-15 14:01 ` Tom Rini
  1 sibling, 0 replies; 3+ messages in thread
From: Simon Glass @ 2022-08-31 19:23 UTC (permalink / raw)
  To: Heinrich Schuchardt
  Cc: Tom Rini, SESA644425, Alexandru Gagniuc, Jamin Lin,
	Philippe Reynes, U-Boot Mailing List

On Wed, 31 Aug 2022 at 13:13, Heinrich Schuchardt
<heinrich.schuchardt@canonical.com> wrote:
>
> Check the that the hash length is shorter than the message length. This
> avoids:
>
>     ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
>     ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
>       275 |         db[0] &= 0xff >> leftmost_bits;
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
> ---
> v2:
>         Use -EINVAL to indicate incorrect parameters.
>         Add description of return value.
> ---
>  lib/rsa/rsa-verify.c | 5 +++++
>  1 file changed, 5 insertions(+)

Reviewed-by: Simon Glass <sjg@chromium.org>

^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH v2 1/1] lib: rsa: fix padding_pss_verify
  2022-08-31 19:13 [PATCH v2 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
  2022-08-31 19:23 ` Simon Glass
@ 2022-09-15 14:01 ` Tom Rini
  1 sibling, 0 replies; 3+ messages in thread
From: Tom Rini @ 2022-09-15 14:01 UTC (permalink / raw)
  To: Heinrich Schuchardt
  Cc: SESA644425, Philippe Reynes, Alexandru Gagniuc, u-boot,
	Jamin Lin, Simon Glass, Joel Stanley

On Wed, 31 Aug 2022 21:13:40 +0200, Heinrich Schuchardt wrote:

> Check the that the hash length is shorter than the message length. This
> avoids:
> 
>     ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
>     ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
>       275 |         db[0] &= 0xff >> leftmost_bits;
> 
> [...]

As there were two patches, I took this one as it updated the kernel-doc comment
as well, and I put the fixes tag from Joel's commit here.

Applied to u-boot/next, thanks!

-- 
Tom


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2022-09-15 14:01 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-31 19:13 [PATCH v2 1/1] lib: rsa: fix padding_pss_verify Heinrich Schuchardt
2022-08-31 19:23 ` Simon Glass
2022-09-15 14:01 ` Tom Rini

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).