[U-Boot] [PATCH 1/2] image-sig: Ensure that hashed-nodes is null-terminated

Simon Glass sjg at chromium.org
Tue Nov 13 19:54:02 UTC 2018


On 7 November 2018 at 11:51, Tom Rini <trini at konsulko.com> wrote:
> From: Konrad Beckmann <konrad.beckmann at gmail.com>
>
> A specially crafted FIT image leads to memory corruption in the stack
> when using the verified boot feature. The function fit_config_check_sig
> has a logic error that makes it possible to write past the end of the
> stack allocated array node_inc. This could potentially be used to bypass
> the signature check when using verified boot.
>
> This change ensures that the number of strings is correct when counted.
>
> Signed-off-by: Konrad Beckmann <konrad.beckmann at gmail.com>
> ---
>  common/image-sig.c | 5 +++++
>  1 file changed, 5 insertions(+)

Reviewed-by: Simon Glass <sjg at chromium.org>
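
The class of bug described in the quoted commit message, as an added example that is not part of the original thread and not U-Boot's code: a string-list property whose last byte is not NUL must be rejected before its strings are counted or copied into a fixed-size array. The function names, the sample property and its node paths are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample: three NUL-separated strings; sizeof() includes the final NUL. */
static const char sample_prop[] = "/\0/configurations/conf-1\0/images/kernel";

/* Count the strings in a NUL-separated property blob (hypothetical helper).
 * Returns -1 when the blob is empty or its last byte is not NUL, so the
 * count can never disagree with what a later strlen()-based walk visits. */
int stringlist_count_checked(const char *prop, int len)
{
    int count = 0;

    if (!prop || len <= 0 || prop[len - 1] != '\0')
        return -1;
    for (int i = 0; i < len; i++)
        if (prop[i] == '\0')
            count++;
    return count;
}

/* Store a pointer to each string in out[], never writing more than max
 * entries. Returns the number stored, or -1 on malformed input or when
 * the list does not fit. */
int stringlist_collect(const char *prop, int len, const char **out, int max)
{
    int n = 0;

    if (stringlist_count_checked(prop, len) < 0)
        return -1;
    /* The final byte is NUL, so every strlen() below stops inside the blob. */
    for (const char *p = prop; p < prop + len; p += strlen(p) + 1) {
        if (n >= max)
            return -1;
        out[n++] = p;
    }
    return n;
}

int main(void)
{
    const char *nodes[3];
    int n = stringlist_collect(sample_prop, (int)sizeof(sample_prop), nodes, 3);

    for (int i = 0; i < n; i++)
        puts(nodes[i]);
    return n == 3 ? 0 : 1;
}
```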