[U-Boot] [PATCH v2] Prevent a buffer overflow in mkimage when signing with SHA256
Simon Glass
sjg at chromium.org
Fri May 30 20:42:41 CEST 2014
Hi Michael,
On 26 May 2014 07:09, Michael van der Westhuizen
<michael at smart-africa.com> wrote:
> Due to the FIT_MAX_HASH_LEN constant not having been updated
> to support SHA256 signatures one will always see a buffer
> overflow in fit_image_process_hash when signing images that
> use this larger hash. This is exposed by vboot_test.sh.
>
> Signed-off-by: Michael van der Westhuizen <michael at smart-africa.com>
> ---
> Changes in v2:
> * Use the HASH_MAX_DIGEST_SIZE constant from hash.h for the
> FIT_MAX_HASH_LEN.
> * Hide use of struct lmb behind USE_HOSTCC being undefined.
This seems to have whitespace problems, or it could be your mailer.
There should be tabs in there somewhere. Did you use patman to
check/send?
Regards,
Simon
More information about the U-Boot
mailing list