[U-Boot] [U-Boot, 1/2] image-sig: Ensure that hashed-nodes is null-terminated
Tom Rini
trini at konsulko.com
Sat Nov 17 14:08:24 UTC 2018
On Wed, Nov 07, 2018 at 02:51:45PM -0500, Tom Rini wrote:
> From: Konrad Beckmann <konrad.beckmann at gmail.com>
>
> A specially crafted FIT image leads to memory corruption in the stack
> when using the verified boot feature. The function fit_config_check_sig
> has a logic error that makes it possible to write past the end of the
> stack allocated array node_inc. This could potentially be used to bypass
> the signature check when using verified boot.
>
> This change ensures that the number of strings is correct when counted.
>
> Signed-off-by: Konrad Beckmann <konrad.beckmann at gmail.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>
Applied to u-boot/master, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: not available
URL: <http://lists.denx.de/pipermail/u-boot/attachments/20181117/b460938b/attachment.sig>
More information about the U-Boot
mailing list