Whitebox
/
u-boot
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Prevent a buffer overflow in mkimage when signing with SHA256

Browse Source 
Due to the FIT_MAX_HASH_LEN constant not having been updated
to support SHA256 signatures one will always see a buffer
overflow in fit_image_process_hash when signing images that
use this larger hash.  This is exposed by vboot_test.sh.

Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com>
Acked-by: Simon Glass <sjg@chromium.org>
[trini: Rework a bit so move the exportable parts of hash.h outside of
 !USE_HOSTCC and only need that as a new include to image.h]
Signed-off-by: Tom Rini <trini@ti.com>
master
Michael van der Westhuizen 10 years ago committed by Tom Rini
parent d835e91d56
commit 1de7bb4f27
2 changed files with 15 additions and 12 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 24
      include/hash.h
  2. 3
      include/image.h

24
include/hash.h
Unescape View File

@ -6,6 +6,18 @@
#ifndef _HASH_H
#define _HASH_H
/*
* Maximum digest size for all algorithms we support. Having this value
* avoids a malloc() or C99 local declaration in common/cmd_hash.c.
*/
#define HASH_MAX_DIGEST_SIZE 32
enum {
HASH_FLAG_VERIFY = 1 << 0, /* Enable verify mode */
HASH_FLAG_ENV = 1 << 1, /* Allow env vars */
};
#ifndef USE_HOSTCC
#if defined(CONFIG_SHA1SUM_VERIFY) || defined(CONFIG_CRC32_VERIFY)
#define CONFIG_HASH_VERIFY
#endif
@ -65,17 +77,6 @@ struct hash_algo {
int size);
};
/*
* Maximum digest size for all algorithms we support. Having this value
* avoids a malloc() or C99 local declaration in common/cmd_hash.c.
*/
#define HASH_MAX_DIGEST_SIZE 32
enum {
HASH_FLAG_VERIFY = 1 << 0, /* Enable verify mode */
HASH_FLAG_ENV = 1 << 1, /* Allow env vars */
};
/**
* hash_command: Process a hash command for a particular algorithm
*
@ -125,4 +126,5 @@ int hash_block(const char *algo_name, const void *data, unsigned int len,
* @return 0 if ok, -EPROTONOSUPPORT for an unknown algorithm.
*/
int hash_lookup_algo(const char *algo_name, struct hash_algo **algop);
#endif /* !USE_HOSTCC */
#endif

3
include/image.h
Unescape View File

@ -45,6 +45,7 @@ struct lmb;
#endif /* USE_HOSTCC */
#if defined(CONFIG_FIT)
#include <hash.h>
#include <libfdt.h>
#include <fdt_support.h>
# ifdef CONFIG_SPL_BUILD
@ -706,7 +707,7 @@ int bootz_setup(ulong image, ulong *start, ulong *end);
#define FIT_FDT_PROP "fdt"
#define FIT_DEFAULT_PROP "default"
#define FIT_MAX_HASH_LEN 20 /* max(crc32_len(4), sha1_len(20)) */
#define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE
/* cmdline argument format parsing */
int fit_parse_conf(const char *spec, ulong addr_curr,

Write Preview
Loading…
Cancel
Save