Gitiles
Code Review Sign In
gerrit.cesnet.cz / github / trini / u-boot / f1c85688ab13f154ebe1b1480def233a22e7f66b
commitf1c85688ab13f154ebe1b1480def233a22e7f66b[log] [tgz]
authorKonrad Beckmann <konrad.beckmann@gmail.com>Wed Nov 07 14:51:45 2018 -0500
committerTom Rini <trini@konsulko.com>Fri Nov 16 16:52:01 2018 -0500
treec442e39843d945fb0df01ce2af6e431fc718a402
parentad5fbc6e8858d0f57a0712f7dba2c710aed9a43c [diff]
image-sig: Ensure that hashed-nodes is null-terminated

A specially crafted FIT image leads to memory corruption in the stack
when using the verified boot feature. The function fit_config_check_sig
has a logic error that makes it possible to write past the end of the
stack allocated array node_inc. This could potentially be used to bypass
the signature check when using verified boot.

This change ensures that the number of strings is correct when counted.

Signed-off-by: Konrad Beckmann <konrad.beckmann@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
1 file changed
tree: c442e39843d945fb0df01ce2af6e431fc718a402
  1. .checkpatch.conf
  2. .gitignore
  3. .mailmap
  4. .travis.yml
  5. Documentation/
  6. Kbuild
  7. Kconfig
  8. Licenses/
  9. MAINTAINERS
  10. Makefile
  11. README
  12. api/
  13. arch/
  14. board/
  15. cmd/
  16. common/
  17. config.mk
  18. configs/
  19. disk/
  20. doc/
  21. drivers/
  22. dts/
  23. env/
  24. examples/
  25. fs/
  26. include/
  27. lib/
  28. net/
  29. post/
  30. scripts/
  31. test/
  32. tools/