[U-Boot] [PATCH v2] Prevent a buffer overflow in mkimage when signing with SHA256
Michael van der Westhuizen
michael at smart-africa.com
Fri May 30 20:50:35 CEST 2014
Hi Simon,
That's very odd. I'll regenerate the patch and resend.
I'm using git send-email, so things should not be getting mangled.
Michael
On 30 May 2014, at 8:42 PM, Simon Glass <sjg at chromium.org> wrote:
> Hi Michael,
>
> On 26 May 2014 07:09, Michael van der Westhuizen
> <michael at smart-africa.com> wrote:
>> Due to the FIT_MAX_HASH_LEN constant not having been updated
>> to support SHA256 signatures one will always see a buffer
>> overflow in fit_image_process_hash when signing images that
>> use this larger hash. This is exposed by vboot_test.sh.
>>
>> Signed-off-by: Michael van der Westhuizen <michael at smart-africa.com>
>> ---
>> Changes in v2:
>> * Use the HASH_MAX_DIGEST_SIZE constant from hash.h for the
>> FIT_MAX_HASH_LEN.
>> * Hide use of struct lmb behind USE_HOSTCC being undefined.
>
> This seems to have whitespace problems, or it could be your mailer.
> There should be tabs in there somewhere. Did you use patman to
> check/send?
>
> Regards,
> Simon
More information about the U-Boot
mailing list