
ecdsa: Avoid null pointer crash in ecdsa-verify due to absent property

Message ID CAF1iuRpqKhsDdkmC1jM7gK41JzhwVTKeh=a7Wtixp6Vz4M8Fqg@mail.gmail.com
State Changes Requested
Delegated to: Sean Anderson

Commit Message

Bob Wolff Feb. 22, 2024, 12:27 a.m. UTC
If mixed rsa and ecdsa keys are specified in
dtsi, an rsa key can be sent into the ecdsa
verify. Without the ecdsa,curve property, this
function will crash due to lack of checking
the null pointer return.

Signed-off-by: Bob Wolff <bob.wolff68@gmail.com>
---

 lib/ecdsa/ecdsa-verify.c | 5 +++++
 1 file changed, 5 insertions(+)

  if (key->size_bits == 0) {
  debug("Unknown ECDSA curve '%s'", key->curve_name);
--
2.39.3 (Apple Git-145)

Comments

Sean Anderson Feb. 22, 2024, 3:15 a.m. UTC | #1
Hi Bob,

On 2/21/24 19:27, Bob Wolff wrote:
> If mixed rsa and ecdsa keys are specified in
> dtsi, an rsa key can be sent into the ecdsa
> verify. Without the ecdsa,curve property, this
> function will crash due to lack of checking
> the null pointer return.

You can wrap commit messages at 75 characters

> Signed-off-by: Bob Wolff <bob.wolff68@gmail.com>
> ---
> 
>   lib/ecdsa/ecdsa-verify.c | 5 +++++
>   1 file changed, 5 insertions(+)
> 
> diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c
> index 0601700c4f..01ffc3477c 100644
> --- a/lib/ecdsa/ecdsa-verify.c
> +++ b/lib/ecdsa/ecdsa-verify.c
> @@ -31,6 +31,11 @@ static int fdt_get_key(struct ecdsa_public_key *key,
> const void *fdt, int node)
>    int x_len, y_len;
> 
>    key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
> + if (!key->curve_name) {
> + printf("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely
> not an ecdsa key.\n");

this should probably be a debug (like the below message)

> + return -ENOMSG;
> + }
> +

and it looks like something ate your indentation

--Sean

>    key->size_bits = ecdsa_key_size(key->curve_name);
>    if (key->size_bits == 0) {
>    debug("Unknown ECDSA curve '%s'", key->curve_name);
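Review bot: The string literal in the added printf() line is split across two lines ("... Likely" on one, "not an ecdsa key.\n" on the next), and the @@ header is wrapped the same way, so the patch as mailed will neither apply cleanly nor compile. Keep the message on a single line, or shorten it, and resend with a mailer that does not rewrap lines, for example git send-email.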
> --
> 2.39.3 (Apple Git-145)

Patch

diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c
index 0601700c4f..01ffc3477c 100644
--- a/lib/ecdsa/ecdsa-verify.c
+++ b/lib/ecdsa/ecdsa-verify.c
@@ -31,6 +31,11 @@  static int fdt_get_key(struct ecdsa_public_key *key,
const void *fdt, int node)
  int x_len, y_len;

  key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
+ if (!key->curve_name) {
+ printf("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely
not an ecdsa key.\n");
+ return -ENOMSG;
+ }
+
  key->size_bits = ecdsa_key_size(key->curve_name);
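Review bot: The new NULL check on key->curve_name covers the missing-property case, but fdt_getprop() is still called with a NULL length pointer, so nothing confirms that the "ecdsa,curve" value is a non-empty, NUL-terminated string before it is handed to ecdsa_key_size(). Consider passing an int for the length and rejecting an empty or unterminated value in the same branch, with the same -ENOMSG return, so a malformed key node is skipped rather than read past its property data.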