Embedded_Projects/u-boot
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check curve_name for null to avoid crash

Browse Source 
If mixed rsa and ecdsa keys are specified in dtsi, an rsa key can be sent
into the ecdsa verify. Without the ecdsa,curve property, this function will
crash due to lack of checking the null pointer return.

Signed-off-by: Bob Wolff <bob.wolff68@gmail.com>
This commit is contained in:
Bob Wolff 2024-02-27 15:57:03 -08:00 committed by Tom Rini
parent 6eb682bc7e
commit 9522956605
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
lib/ecdsa/ecdsa-verify.c
View File

@ -31,6 +31,11 @@ static int fdt_get_key(struct ecdsa_public_key *key, const void *fdt, int node)
int x_len, y_len;
key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
if (!key->curve_name) {
debug("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely not an ecdsa key.\n");
return -ENOMSG;
}
key->size_bits = ecdsa_key_size(key->curve_name);
if (key->size_bits == 0) {
debug("Unknown ECDSA curve '%s'", key->curve_name);