[PATCH V2] mkimage: fit: Do not tail-pad fitImage with external data
Simon Glass
sjg at chromium.org
Sun May 3 04:26:44 CEST 2020
On Fri, 1 May 2020 at 09:40, Marek Vasut <marex at denx.de> wrote:
>
> There is no reason to tail-pad fitImage with external data to 4-bytes,
> while fitImage without external data does not have any such padding and
> is often unaligned. DT spec also does not mandate any such padding.
>
> Moreover, the tail-pad fills the last few bytes with uninitialized data,
> which could lead to a potential information leak.
>
> $ echo -n xy > /tmp/data ; \
> ./tools/mkimage -E -f auto -d /tmp/data /tmp/fitImage ; \
> hexdump -vC /tmp/fitImage | tail -n 3
>
> before:
> 00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si|
> 00000270 7a 65 00 00 78 79 64 64 |ze..xydd|
> ^^ ^^ ^^
> after:
> 00000260 61 2d 6f 66 66 73 65 74 00 64 61 74 61 2d 73 69 |a-offset.data-si|
> 00000270 7a 65 00 78 79 |ze.xy|
>
> Signed-off-by: Marek Vasut <marex at denx.de>
> Cc: Heinrich Schuchardt <xypron.glpk at gmx.de>
> Cc: Simon Glass <sjg at chromium.org>
> Cc: Tom Rini <trini at konsulko.com>
> ---
> V2: Rebase on u-boot/master, update commit message
> ---
> tools/fit_image.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
Reviewed-by: Simon Glass <sjg at chromium.org>
More information about the U-Boot
mailing list