[PATCH] ecdsa: Avoid null pointer crash in ecdsa-verify due to absent property
Sean Anderson
seanga2 at gmail.com
Thu Feb 22 04:15:15 CET 2024
Hi Bob,
On 2/21/24 19:27, Bob Wolff wrote:
> If mixed rsa and ecdsa keys are specified in
> dtsi, an rsa key can be sent into the ecdsa
> verify. Without the ecdsa,curve property, this
> function will crash due to lack of checking
> the null pointer return.
You can wrap commit messages at 75 characters
> Signed-off-by: Bob Wolff <bob.wolff68 at gmail.com>
> ---
>
> lib/ecdsa/ecdsa-verify.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c
> index 0601700c4f..01ffc3477c 100644
> --- a/lib/ecdsa/ecdsa-verify.c
> +++ b/lib/ecdsa/ecdsa-verify.c
> @@ -31,6 +31,11 @@ static int fdt_get_key(struct ecdsa_public_key *key,
> const void *fdt, int node)
> int x_len, y_len;
>
> key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
> + if (!key->curve_name) {
> + printf("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely
> not an ecdsa key.\n");
this should probably be a debug (like the below message)
> + return -ENOMSG;
> + }
> +
and it looks like something ate your indentation
--Sean
> key->size_bits = ecdsa_key_size(key->curve_name);
> if (key->size_bits == 0) {
> debug("Unknown ECDSA curve '%s'", key->curve_name);
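Review bot: The added printf() in fdt_get_key() has its string literal split across two lines in this mail ("... Likely" / "not an ecdsa key.\n") and the new lines have lost their leading tabs, so the hunk as posted will not apply cleanly or compile; resend it unwrapped, for example with git send-email. The unknown-curve case just below reports through debug(), so use debug() for the missing 'ecdsa,curve' case as well and shorten the message so it fits on one source line. The NULL check itself is placed correctly, before key->curve_name is passed to ecdsa_key_size().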
> --
> 2.39.3 (Apple Git-145)