[PATCH 1/1] lib: parameter check in hash_calculate

Heinrich Schuchardt heinrich.schuchardt at canonical.com
Tue Aug 22 10:43:06 CEST 2023


If hash_calculate is invoked with region_count = 0, it will try to hash
INT_MAX regions. We should check this parameter.

* Avoid a comparison with different signedness.
* Check that region_count is at least 1.
* Avoid a superfluous assignment.

Fixes: b37b46f042cc ("rsa: Use checksum algorithms from struct hash_algo")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
---
 lib/hash-checksum.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/lib/hash-checksum.c b/lib/hash-checksum.c
index 8f2a42f9a0..68c290d64d 100644
--- a/lib/hash-checksum.c
+++ b/lib/hash-checksum.c
@@ -23,8 +23,10 @@ int hash_calculate(const char *name,
 	struct hash_algo *algo;
 	int ret = 0;
 	void *ctx;
-	uint32_t i;
-	i = 0;
+	int i;
+
+	if (region_count < 1)
+		return -EINVAL;
 
 	ret = hash_progressive_lookup_algo(name, &algo);
 	if (ret)
-- 
2.40.1



More information about the U-Boot mailing list