[PATCH] ecdsa: fix segfault in mkimage when "-r" option is not set
Lucas Dietrich
ld.adecy at gmail.com
Mon Jul 7 17:55:50 CEST 2025
Fix a segmentation fault in the ECDSA signing logic of `mkimage`
that occurs when the "-r" option is not specified.
This reproduces the logic in `lib/rsa/rsa-sign.c` by checking if
`info->require_keys` is non-null before passing it to
`fdt_setprop_string()`.
Signed-off-by: Lucas Dietrich <lucas.dietrich.git at proton.me>
---
lib/ecdsa/ecdsa-libcrypto.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index f0095e9dbcf..f48df2b870f 100644
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -345,10 +345,12 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name,
if (ret < 0)
return ret;
- ret = fdt_setprop_string(fdt, key_node, FIT_KEY_REQUIRED,
- info->require_keys);
- if (ret < 0)
- return ret;
+ if (info->require_keys) {
+ ret = fdt_setprop_string(fdt, key_node, FIT_KEY_REQUIRED,
+ info->require_keys);
+ if (ret < 0)
+ return ret;
+ }
return key_node;
}
--
2.39.5
More information about the U-Boot
mailing list