[U-Boot] [PATCH] Prevent a buffer overflow in mkimage when signing with SHA256

Simon Glass sjg at chromium.org
Thu May 22 03:08:39 CEST 2014


On 20 May 2014 03:16, Michael van der Westhuizen
<michael.vanderwesthuizen at smart-africa.com> wrote:
> Due to the FIT_MAX_HASH_LEN constant not having been updated
> to support SHA256 signatures one will always see a buffer
> overflow in fit_image_process_hash when signing images that
> use this larger hash.  This is exposed by vboot_test.sh.
>
> Signed-off-by: Michael van der Westhuizen <michael at smart-africa.com>
> ---
>  include/image.h | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/include/image.h b/include/image.h
> index b278778..fdaab5e 100644
> --- a/include/image.h
> +++ b/include/image.h
> @@ -702,7 +702,8 @@ int bootz_setup(ulong image, ulong *start, ulong *end);
>  #define FIT_FDT_PROP "fdt"
>  #define FIT_DEFAULT_PROP "default"
>
> -#define FIT_MAX_HASH_LEN 20 /* max(crc32_len(4), sha1_len(20)) */
> +/* max(crc32_len(4), sha1_len(20), sha256_len(32)) */
> +#define FIT_MAX_HASH_LEN 32

I think it might be better to use HASH_MAX_DIGEST_SIZE from hash.h.
Perhaps we could even use a macro like max(SHA1_SUM_LEN,
SHA256_SUM_LEN) there?

>
>  /* cmdline argument format parsing */
>  int fit_parse_conf(const char *spec, ulong addr_curr,
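
Review bot: The literal in `#define FIT_MAX_HASH_LEN 32` repeats the pattern that went stale in the first place: the removed line's comment listed only crc32 and sha1, and nothing forced the value to change when SHA256 signing was added, so the bound and the comment must again be updated by hand for any larger digest. Consider defining it in terms of the per-algorithm length constants, for example max(SHA1_SUM_LEN, SHA256_SUM_LEN) or the HASH_MAX_DIGEST_SIZE mentioned in the reply above, so the buffer size follows the set of supported hashes, and add a build-time check that each supported digest length fits in FIT_MAX_HASH_LEN.
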
> --
> 2.0.0.rc0

