image-sig: Ensure that hashed-nodes is null-terminated - starfive-tech/u-boot.git - StarFive Tech U-Boot for VisionFive (JH7110) boards (mirror)

diff options

author	Konrad Beckmann <konrad.beckmann@gmail.com>	2018-11-07 22:51:45 +0300
committer	Tom Rini <trini@konsulko.com>	2018-11-17 00:52:01 +0300
commit	f1c85688ab13f154ebe1b1480def233a22e7f66b (patch)
tree	c442e39843d945fb0df01ce2af6e431fc718a402 /board
parent	ad5fbc6e8858d0f57a0712f7dba2c710aed9a43c (diff)
download	u-boot-f1c85688ab13f154ebe1b1480def233a22e7f66b.tar.xz

image-sig: Ensure that hashed-nodes is null-terminated

A specially crafted FIT image leads to memory corruption in the stack when using the verified boot feature. The function fit_config_check_sig has a logic error that makes it possible to write past the end of the stack allocated array node_inc. This could potentially be used to bypass the signature check when using verified boot. This change ensures that the number of strings is correct when counted. Signed-off-by: Konrad Beckmann <konrad.beckmann@gmail.com> Reviewed-by: Simon Glass <sjg@chromium.org>

Diffstat (limited to 'board')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: