leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

hash: Ensure verification hex pairs are terminated

Browse Source 
This function seems to assume that the chr[] variable contains zeros at
the start, which is not always true. Use strlcpy() to be safe.

Signed-off-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Simon Glass 2021-07-24 09:03:28 -06:00 committed by Tom Rini
parent 73994c452f
commit 031725f8cd
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
common/hash.c
View File

@ -396,7 +396,7 @@ int hash_parse_string(const char *algo_name, const char *str, uint8_t *result)
for (i = 0; i < algo->digest_size; i++) { for (i = 0; i < algo->digest_size; i++) {
char chr[3]; char chr[3];
strncpy(chr, &str[i * 2], 2); strlcpy(chr, &str[i * 2], 3);
result[i] = simple_strtoul(chr, NULL, 16); result[i] = simple_strtoul(chr, NULL, 16);
} }