[U-Boot] [U-Boot, v3] Prevent a buffer overflow in mkimage when signing with SHA256
Tom Rini
trini at ti.com
Fri Jun 6 00:50:03 CEST 2014
On Fri, May 30, 2014 at 08:59:00PM +0200, Michael van der Westhuizen wrote:
> From: Michael van der Westhuizen <michael at smart-africa.com>
>
> Due to the FIT_MAX_HASH_LEN constant not having been updated
> to support SHA256 signatures one will always see a buffer
> overflow in fit_image_process_hash when signing images that
> use this larger hash. This is exposed by vboot_test.sh.
>
> Signed-off-by: Michael van der Westhuizen <michael at smart-africa.com>
> Acked-by: Simon Glass <sjg at chromium.org>
Applied to u-boot/master (with a rework to hash.h to avoid breaking
various platforms when host tools start adding command.h) , thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20140605/55ca4c56/attachment.pgp>
More information about the U-Boot
mailing list