[PATCH] ecdsa: Avoid null pointer crash in ecdsa-verify due to absent property

Bob Wolff bob.wolff68 at gmail.com
Thu Feb 22 01:27:00 CET 2024


If mixed rsa and ecdsa keys are specified in
dtsi, an rsa key can be sent into the ecdsa
verify. Without the ecdsa,curve property, this
function will crash due to lack of checking
the null pointer return.

Signed-off-by: Bob Wolff <bob.wolff68 at gmail.com>
---

 lib/ecdsa/ecdsa-verify.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c
index 0601700c4f..01ffc3477c 100644
--- a/lib/ecdsa/ecdsa-verify.c
+++ b/lib/ecdsa/ecdsa-verify.c
@@ -31,6 +31,11 @@ static int fdt_get_key(struct ecdsa_public_key *key,
const void *fdt, int node)
  int x_len, y_len;

  key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
+ if (!key->curve_name) {
+ printf("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely
not an ecdsa key.\n");
+ return -ENOMSG;
+ }
+
  key->size_bits = ecdsa_key_size(key->curve_name);
  if (key->size_bits == 0) {
  debug("Unknown ECDSA curve '%s'", key->curve_name);
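Review bot: The new NULL check in fdt_get_key() reports through an unconditional printf() prefixed "Error:", while the unknown-curve branch immediately below it uses debug(). The commit message describes mixed rsa and ecdsa keys in the dtsi as the situation that reaches this path, so this message would be printed whenever an rsa key node is passed to the ecdsa verifier, even if verification then succeeds with another key. Consider using debug() here as well, or rewording the message so that it does not read as a failure. Separately, the string literal is split across two lines as posted ("Likely" at the end of one line, "not an ecdsa key.\n" at the start of the next), which looks like mail-client wrapping. That line also lacks a "+" prefix, so the hunk would not apply as sent. Please resend with the message on one line or broken into adjacent string literals, and with the tab indentation intact.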
--
2.39.3 (Apple Git-145)

