leandrof/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

lib: rsa: fix padding_pss_verify

Browse Source 
Check the that the hash length is shorter than the message length. This
avoids:

    ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
    ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
      275 |         db[0] &= 0xff >> leftmost_bits;

Fixes: 061daa0b61 ("rsa: add support of padding pss")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
This commit is contained in:
Heinrich Schuchardt 2022-08-31 21:13:40 +02:00 committed by Tom Rini
parent 069f0d7506
commit 0cd933bb4b
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/rsa/rsa-verify.c
View File

@ -215,6 +215,8 @@ out:
* @msg_len: Message length * @msg_len: Message length
* @hash: Pointer to the expected hash * @hash: Pointer to the expected hash
* @hash_len: Length of the hash * @hash_len: Length of the hash
*
* Return: 0 if padding is correct, non-zero otherwise
*/ */
int padding_pss_verify(struct image_sign_info *info, int padding_pss_verify(struct image_sign_info *info,
const uint8_t *msg, int msg_len, const uint8_t *msg, int msg_len,
@ -234,6 +236,9 @@ int padding_pss_verify(struct image_sign_info *info,
uint8_t leftmost_mask; uint8_t leftmost_mask;
struct checksum_algo *checksum = info->checksum; struct checksum_algo *checksum = info->checksum;
if (db_len <= 0)
return -EINVAL;
/* first, allocate everything */ /* first, allocate everything */
db_mask = malloc(db_len); db_mask = malloc(db_len);
db = malloc(db_len); db = malloc(db_len);