[U-Boot] [PATCH] cmd_sf: Fix problem with "sf update" and unaligned length
Jagan Teki
jagannadh.teki at gmail.com
Wed Apr 22 13:11:49 CEST 2015
On 13 January 2015 at 11:35, Stefan Roese <sr at denx.de> wrote:
> Hi Wolfgang,
>
> On 12.01.2015 22:10, Wolfgang Denk wrote:
>>>>
>>>> Should we add a memset(buf, 0, sizeof(buf)) before the memcpy() to
>>>> prevent information from earlier activities to leak?
>>>
>>>
>>> "buf" points to the new data to be written into the flash. We're
>>> overwriting the first "len" bytes of "cmp_buf" with this data.
>>
>>
>> Oh, sorry for the mixup. Then cmp_buf should be cleared (or at elast
>> the remaining, unused part).
>
>
> No. cmp_buf contains the original data from the flash. And only the
> beginning of this buffer is overwritten with the new data from "buf". So,
> the result of the memcpy() is that "cmp_buf" contains the data that should
> be written into the flash. Its a combination of the "original data" and the
> "new data".
>
>>> I don't see why we should erase anything there. Perhaps I'm missing
>>> something though.
>>
>>
>> You are leaking data. This could contain "interesting" information;
>> see the OpenSSL “Heartbleed” vulnerability for a (nasty) example what
>> information leakage can do.
>
>
> There is nothing leaking here. When anything would be zeroed out, the
> resulting buffer would not be the one that should be used.
I think this thread link got stopped any further update on this.
thanks!
--
Jagan.
More information about the U-Boot
mailing list