
image-host: refactor and protect for very long filenames

Message ID 20240108142430.301659-2-hugo.cornelis@essensium.com
State Accepted
Commit bc01d9ff93f350a35c51ddb75f81c2a6f663b1c1
Delegated to: Tom Rini

Commit Message

Hugo Cornelis Jan. 8, 2024, 2:24 p.m. UTC
This patch adds a function fit_image_read_key_iv_data that checks the
return value of snprintf and makes it possible to generate a sensible
error message when generating binary images using filenames that are
too long for the OS to handle.

This is especially relevant for automated builds such as Buildroot and
Yocto builds.

Signed-off-by: Hugo Cornelis <hugo.cornelis@essensium.com>
---
 tools/image-host.c | 42 ++++++++++++++++++++++++++++++++----------
 1 file changed, 32 insertions(+), 10 deletions(-)

Comments

Tom Rini Jan. 19, 2024, 4:09 p.m. UTC | #1
On Mon, Jan 08, 2024 at 03:24:30PM +0100, Hugo Cornelis wrote:

> This patch adds a function fit_image_read_key_iv_data that checks the
> return value of snprintf and allows to generate a sensible error
> message when generating binary images using filenames that are too
> long for the OS to handle.
> 
> This is especially relevant for automated builds such as Buildroot and
> Yocto builds.
> 
> Signed-off-by: Hugo Cornelis <hugo.cornelis@essensium.com>

Applied to u-boot/master, thanks!

Patch

diff --git a/tools/image-host.c b/tools/image-host.c
index ca4950312f..0092fa830f 100644
--- a/tools/image-host.c
+++ b/tools/image-host.c
@@ -340,6 +340,28 @@  err:
 	return ret;
 }
 
+static int fit_image_read_key_iv_data(const char *keydir, const char *key_iv_name,
+				      unsigned char *key_iv_data, int expected_size)
+{
+	char filename[PATH_MAX];
+	int ret = -1;
+
+	ret = snprintf(filename, sizeof(filename), "%s/%s%s",
+		       keydir, key_iv_name, ".bin");
+	if (ret >= sizeof(filename)) {
+		printf("Can't format the key or IV filename when setting up the cipher: insufficient buffer space\n");
+		ret = -1;
+	}
+	if (ret < 0) {
+		printf("Can't format the key or IV filename when setting up the cipher: snprintf error\n");
+		ret = -1;
+	}
+
+	ret = fit_image_read_data(filename, key_iv_data, expected_size);
+
+	return ret;
+}
+
 static int get_random_data(void *data, int size)
 {
 	unsigned char *tmp = data;
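Review bot: In fit_image_read_key_iv_data both snprintf failure branches only set `ret = -1` and then fall through to fit_image_read_data(), which overwrites ret and opens whatever is in `filename`, so a truncated path can still supply the key or IV bytes from a file other than the one requested. The first test also compares an int with `sizeof(filename)`, so a negative ret is converted to a large unsigned value and takes the "insufficient buffer space" branch, and every failure then prints both messages. Test `ret < 0` first, cast for the size comparison, and return from each branch; writing the messages to stderr would match the `fprintf(stderr, ...)` used in fit_image_setup_cipher. The `if (ret < 0) goto out;` checks in the two fit_image_setup_cipher hunks depend on this return value, so they currently see only the result of the read.

```c
	/* … unchanged: signature and local declarations … */
	ret = snprintf(filename, sizeof(filename), "%s/%s%s",
		       keydir, key_iv_name, ".bin");
	if (ret < 0) {
		fprintf(stderr, "Can't format the key or IV filename when setting up the cipher: snprintf error\n");
		return -1;
	}
	if ((size_t)ret >= sizeof(filename)) {
		fprintf(stderr, "Can't format the key or IV filename when setting up the cipher: insufficient buffer space\n");
		return -1;
	}

	return fit_image_read_data(filename, key_iv_data, expected_size);
```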
@@ -376,7 +398,6 @@  static int fit_image_setup_cipher(struct image_cipher_info *info,
 				  int noffset)
 {
 	char *algo_name;
-	char filename[128];
 	int ret = -1;
 
 	if (fit_image_cipher_get_algo(fit, noffset, &algo_name)) {
@@ -413,17 +434,17 @@  static int fit_image_setup_cipher(struct image_cipher_info *info,
 		goto out;
 	}
 
-	/* Read the key in the file */
-	snprintf(filename, sizeof(filename), "%s/%s%s",
-		 info->keydir, info->keyname, ".bin");
 	info->key = malloc(info->cipher->key_len);
 	if (!info->key) {
 		fprintf(stderr, "Can't allocate memory for key\n");
 		ret = -1;
 		goto out;
 	}
-	ret = fit_image_read_data(filename, (unsigned char *)info->key,
-				  info->cipher->key_len);
+
+	/* Read the key in the file */
+	ret = fit_image_read_key_iv_data(info->keydir, info->keyname,
+					 (unsigned char *)info->key,
+					 info->cipher->key_len);
 	if (ret < 0)
 		goto out;
 
@@ -436,10 +457,11 @@  static int fit_image_setup_cipher(struct image_cipher_info *info,
 
 	if (info->ivname) {
 		/* Read the IV in the file */
-		snprintf(filename, sizeof(filename), "%s/%s%s",
-			 info->keydir, info->ivname, ".bin");
-		ret = fit_image_read_data(filename, (unsigned char *)info->iv,
-					  info->cipher->iv_len);
+		ret = fit_image_read_key_iv_data(info->keydir, info->ivname,
+						 (unsigned char *)info->iv,
+						 info->cipher->iv_len);
+		if (ret < 0)
+			goto out;
 	} else {
 		/* Generate an ramdom IV */
 		ret = get_random_data((void *)info->iv, info->cipher->iv_len);