From patchwork Sun Oct 15 21:32:05 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Glembotzki <m.glembo@gmail.com>
X-Patchwork-Id: 1849000
X-Patchwork-Delegate: sbabic@denx.de
Return-Path: <swupdate+bncBDY5JUXLVIEBB2FUWGUQMGQEQHS5XOI@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=googlegroups.com header.i=@googlegroups.com
 header.a=rsa-sha256 header.s=20230601 header.b=BWnTJ0dV;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20230601 header.b=nG0t3l+z;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com
 (client-ip=2a00:1450:4864:20::640; helo=mail-ej1-x640.google.com;
 envelope-from=swupdate+bncbdy5juxlviebb2fuwguqmgqeqhs5xoi@googlegroups.com;
 receiver=patchwork.ozlabs.org)
Received: from mail-ej1-x640.google.com (mail-ej1-x640.google.com
 [IPv6:2a00:1450:4864:20::640])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4S7tkS6S46z20Zj
	for <incoming@patchwork.ozlabs.org>; Mon, 16 Oct 2023 08:32:31 +1100 (AEDT)
Received: by mail-ej1-x640.google.com with SMTP id
 a640c23a62f3a-9b2e030e4casf512444966b.1
        for <incoming@patchwork.ozlabs.org>;
 Sun, 15 Oct 2023 14:32:30 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1697405545; cv=pass;
        d=google.com; s=arc-20160816;
        b=VsEA/aUK1Q+Pw/wD3izIgszSqCZSGKBbPU4PrDXlRWik4Umg0zBWbd+n3V0DA/t7Le
         aFmc6qYFAlRRFw2zaLBw32grBq14cOXn6agLLNftXLZ8jKoEGafUWP35OtXYtDjbMZLT
         qLq+TQiT1D8blZ7mOrh8FnQFz5I0N6PYVU3lIwpIykSMRiSere/V+uHXJL+kTRX0qDwi
         BK1h0C9xIQixpq7AVP9v+J8KVAI37JBt63TVTcV9EHigwZPZEDZhWSAzawXhCNn/Yf+j
         zRdqmjGzwZ2R7rcVPIBS2KyPe8EKH+VL3L4dRKF1zQ9j0O/oCo2v9DoQf62dC9dJpHp3
         ioKg==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:message-id:date
         :subject:cc:to:from:sender:dkim-signature:dkim-signature;
        bh=pi/XR8k8vjUEhLVdcRVli59TwW+tZP850+fwlEt8aEU=;
        fh=zydHuzCQWrku2OPQyZfraJZFcOpEXLQ/YBcu3QNiBd0=;
        b=THJL6qVeQ78oMxOwVPXkwxFVqGT4MboyoVvSNxKfxyDYFPit6QpcJYHItIRl7EaGAr
         tpXnCEeSWeBLNGgJQhwqr9JD9KyAPaIRM0q4b0D2BnMBWjdQgVcIlhtVn4Rw59ixaS8W
         ZqP+EHTEaTwRcYU+qC2iMBneWTvNo2rAySGxnnl+Mfwb6LCNtpP0FhGZtpZgN7rcCxrK
         yrr/rul0DfuczLTOkrAJVpp851Nau2+jN2QCAQf7s/fnMXWa5zDkosUkfLAuFN4pHwqe
         S0WALQvU4gOr9iER1doDBZEqPk0Tt5Ii/H8Bs+nhTofjEQ5QL2fpldiaipQJ4N+xoeWE
         8LAw==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=mZAPEShM;
       spf=pass (google.com: domain of m.glembo@gmail.com designates
 2a00:1450:4864:20::632 as permitted sender) smtp.mailfrom=m.glembo@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1697405545; x=1698010345;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:message-id:date:subject:cc:to:from
         :sender:from:to:cc:subject:date:message-id:reply-to;
        bh=pi/XR8k8vjUEhLVdcRVli59TwW+tZP850+fwlEt8aEU=;
        b=BWnTJ0dV+AB6CJU/aJZnh8jHsdqvh/kdT2K3dGwpgw3KdzU6LjDLdIoDEw7F2fksNe
         yH2F+m7rJZo9Il2Oobv2RKvQPJqQI8WhZEwbryG0RXd29cgvQUR1SUN55DBUUwzBhBtV
         mAa6kjz6EhiailI3Oanf5Qi5dxNkBlSVViLxDvkVu4eOMvmSVbCI/Jsg/aGva060Ppzz
         yNTUrtLt8BJlQb9Zw+bJeoN06zas05ffCV1tBlqBdOv7MdnTuEd+vhAG75tjWXXS6c+T
         ehYGKmV7bOkHbJjmhQQ1rtYIs9rTjl5ll6ZMWsrHjpSxetxKbTPwrIqzzOj/8rupSqhs
         dfDA==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1697405545; x=1698010345;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:message-id:date:subject:cc:to:from
         :from:to:cc:subject:date:message-id:reply-to;
        bh=pi/XR8k8vjUEhLVdcRVli59TwW+tZP850+fwlEt8aEU=;
        b=nG0t3l+zQFiQ2ZGK/+M11V45ZzF9u4Rds6XspwkDM2dF9uJCZ3QbkCQBJDuhJe1eNq
         iRyZ+dMHvNsUYCz6QIPwGdubz9Yi0eB0kaVasCPd8WgNheCPHlNI9h14nC8ba4QLj31C
         2tuH9500RZdcmp7mTActINBhdmk4LWedOB7sw4akvgEev/ltmMy/ekd8tcDsAoVGJy0y
         o2faTfCtETnLUvfReZ3hUxL8LT5QR09OoO/b/j35pTYjecGe0kwy2DCocuvB1RyIcZEh
         KM7lMBDpX3EAsQLBQBy4AWGAjhzI7sUbcWMjR+Q3vKc/QBCJ51ZSsMc24bpMcG4HhrSt
         PrKw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1697405545; x=1698010345;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :x-spam-checked-in-group:list-id:mailing-list:precedence
         :x-original-authentication-results:x-original-sender:mime-version
         :message-id:date:subject:cc:to:from:x-beenthere:x-gm-message-state
         :sender:from:to:cc:subject:date:message-id:reply-to;
        bh=pi/XR8k8vjUEhLVdcRVli59TwW+tZP850+fwlEt8aEU=;
        b=BzkZAgmvvIzpEwf04f7Sp9bLWJBv1wJvPVZXHnSa9tguaa+6VtH0i6xXcNuTsgwN0n
         zwS+cRhvjNiEdF4nwrRPL+lCwbqmlTeFyNRwyVSX8NNJ+nk/CZJFldv3IdVeY9qjwWVZ
         XULGtwlm0FGoJ87WWy1ZUmz3dPEp8pqE19/N6wkvKwCf02qqWhpcvhPKdMSpy346q26D
         CairNOuw3r8TjoULoix50Aa+9DVYkn3IgSoNHre14NrAsbHKl1BYr1vfseryFfS6jMo8
         2y4geKbH7OGYIeovsNunzoBq5g6NeU4bmyxcoftZaCMdBNWX3k+mptbiVN3ab6X6vKkz
         g2OQ==
Sender: swupdate@googlegroups.com
X-Gm-Message-State: AOJu0YxNCUkjTkmW8U9mSBzh5vBOMoHxBWUVCgkG5o1Ry3Ou/qRROzC/
	EjIN01Te2ukT0IsV/AMvsVI=
X-Google-Smtp-Source: 
 AGHT+IEltp+LWTCaGySwo5a46Yoz1w5KY4BYJaPJYZbvfy4ChlEbzOZ5dj4PUH0Nw2HGkJzxKuXfFQ==
X-Received: by 2002:a17:907:7dac:b0:9aa:1794:945b with SMTP id
 oz44-20020a1709077dac00b009aa1794945bmr4968773ejc.22.1697405545059;
        Sun, 15 Oct 2023 14:32:25 -0700 (PDT)
X-BeenThere: swupdate@googlegroups.com
Received: by 2002:a05:6402:320b:b0:525:57cc:5db4 with SMTP id
 g11-20020a056402320b00b0052557cc5db4ls109420eda.0.-pod-prod-00-eu; Sun, 15
 Oct 2023 14:32:22 -0700 (PDT)
X-Received: by 2002:a50:d5d6:0:b0:53d:fd46:41ce with SMTP id
 g22-20020a50d5d6000000b0053dfd4641cemr5379808edj.19.1697405542625;
        Sun, 15 Oct 2023 14:32:22 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1697405542; cv=none;
        d=google.com; s=arc-20160816;
        b=MFiaK6JphBhjI5XznEWjinUQvkWGwg95K62iPkOAw6XJTsQyqX6cWVE2cg+gW9JLuG
         9Vau1eHMLTn9UyhdvobIM1QlbSPBhl0iuSnpYkLV7eo7Z6z9kKJI+TUYdeZvOHyqoLvr
         DccdCHjzX4AhtQBVsgQy7ykx10kmu9ScIV+H5t4zLjzNNCSB1U9UoMCoqom0YQq5b3eD
         CIRv3/dp53YZGmA5G5cV3rN+By5Hlb2746K6Cdx4Kxq5xWj5aEAvYV1E+0cy80BZi7bK
         /qTOkqgZxKmvgJN8vWPcuYEmCB/iECnBVW+Dq0/7aAPeprQQ3lAaZVvTmCc+2iS+wp+x
         lvfg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:message-id:date:subject:cc
         :to:from:dkim-signature;
        bh=Y2Pe8/6nFDlKpXCVI/4MHFojroWFWZRELJygxtE0RxI=;
        fh=zydHuzCQWrku2OPQyZfraJZFcOpEXLQ/YBcu3QNiBd0=;
        b=K8nlXrjsWnZYIxUMJkNqlB1D2HREpxk3wqHBfy1wgrGVTD5CM7YK7YS42N1YuJ/UvX
         cCd3lUWIUyGyumE8Ty0+4R8W4H3GIvYpWC0WQGS7OkcCk2BKudkM5VLluc6Clayvnsfi
         O6uFP0eSkM1ukEe6+5pbpMHleWrwGJWJPgOXwOnNhZ6htd3wj76JcK1YmVAgDhTYFz20
         e4NXUvzTJIPEQmI6MqcJTMMZ+/tAWXoKjSMqz6YVnj/F/16iLU2LegblaboiwdzzOpLR
         AOGelsH0vE1NmAS36ArzB9rkepDaFNq/YTnsE61XK9LamUxS6iX1wNylhMMH8Z1VVN++
         g1tw==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=mZAPEShM;
       spf=pass (google.com: domain of m.glembo@gmail.com designates
 2a00:1450:4864:20::632 as permitted sender) smtp.mailfrom=m.glembo@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from mail-ej1-x632.google.com (mail-ej1-x632.google.com.
 [2a00:1450:4864:20::632])
        by gmr-mx.google.com with ESMTPS id
 n22-20020a05640205d600b0053d91d4a9e4si732756edx.4.2023.10.15.14.32.22
        for <swupdate@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Sun, 15 Oct 2023 14:32:22 -0700 (PDT)
Received-SPF: pass (google.com: domain of m.glembo@gmail.com designates
 2a00:1450:4864:20::632 as permitted sender) client-ip=2a00:1450:4864:20::632;
Received: by mail-ej1-x632.google.com with SMTP id
 a640c23a62f3a-9c3aec5f326so96428966b.1
        for <swupdate@googlegroups.com>; Sun, 15 Oct 2023 14:32:22 -0700 (PDT)
X-Received: by 2002:a17:907:3da5:b0:9ae:614f:b159 with SMTP id
 he37-20020a1709073da500b009ae614fb159mr5534341ejc.36.1697405541885;
        Sun, 15 Oct 2023 14:32:21 -0700 (PDT)
Received: from PC-2635.irisgmbh.local
 (dslb-002-203-161-041.002.203.pools.vodafone-ip.de. [2.203.161.41])
        by smtp.gmail.com with ESMTPSA id
 og41-20020a1709071de900b009adce1c97ccsm2726458ejc.53.2023.10.15.14.32.21
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Sun, 15 Oct 2023 14:32:21 -0700 (PDT)
From: Michael Glembotzki <m.glembo@gmail.com>
To: swupdate@googlegroups.com
Cc: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com>
Subject: [swupdate] [PATCH 1/2] cpio_utils: Fail on invalid Image IVT length
Date: Sun, 15 Oct 2023 23:32:05 +0200
Message-ID: <20231015213206.43542-1-Michael.Glembotzki@iris-sensing.com>
X-Mailer: git-send-email 2.42.0
MIME-Version: 1.0
X-Original-Sender: m.glembo@gmail.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@gmail.com header.s=20230601 header.b=mZAPEShM;       spf=pass
 (google.com: domain of m.glembo@gmail.com designates 2a00:1450:4864:20::632
 as permitted sender) smtp.mailfrom=m.glembo@gmail.com;       dmarc=pass
 (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
 contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
 <mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
 <mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
 <mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/swupdate/subscribe>

An IVT in the sw-description file that is too short would result in a image
being processed with the default IVT. In the worst case, the file would be
incorrectly decrypted and still be processed/installed/executed.

Example:

> cat encryption.key
69D54287F856D30B51B812FDF714556778CF31E1B104D9C68BD90C669C37D1AB E93DA465B309C53FEC5FF93C9637DA58

> cat pre_post_inst.sh.dec
 #!/bin/sh

 echo "UUUUUU"

Encrypt a shell script. Please note the missing last hex character of the IVT: 8
> openssl enc -aes-256-cbc -in pre_post_inst.sh.dec -out pre_post_inst.sh \
  -K 69D54287F856D30B51B812FDF714556778CF31E1B104D9C68BD90C669C37D1AB \
  -iv E93DA465B309C53FEC5FF93C9637DA5

cat sw-description
software =
{
    version = "1.0.0";
    description = "Too small ivt sent in the sw description file";

    scripts: (
        {
            filename = "pre_post_inst.sh";
            type = "shellscript";
            sha256 = "c7c2ae0d3e25dd2145f76649c1bfd5ee9c588e1d3bf509f1c4d15fef089f6669";
            ivt = "E93DA465B309C53FEC5FF93C9637DA5";
            encrypted = true;
        },
    );
}

Create and install swu:
[ERROR] : SWUPDATE failed [0] ERROR : /tmp/scripts/pre_post_inst.sh: line 3: syntax error near unexpected token `"UUUUUU"'
[ERROR] : SWUPDATE failed [0] ERROR : /tmp/scripts/pre_post_inst.sh: line 3: `echo("UUUUUU"'

The space after the echo becomes a bracket.

Signed-off-by: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com>
Reviewed-by: Stefano Babic <stefano.babic@swupdate.org>
---
 core/cpio_utils.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/core/cpio_utils.c b/core/cpio_utils.c
index 4294083..2e5f19a 100644
--- a/core/cpio_utils.c
+++ b/core/cpio_utils.c
@@ -443,7 +443,7 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 	unsigned int md_len = 0;
 	unsigned char *aes_key = NULL;
 	unsigned char *ivt = NULL;
-	unsigned char ivtbuf[16];
+	unsigned char ivtbuf[AES_BLK_SIZE];
 
 	struct InputState input_state = {
 		.fdin = fdin,
@@ -514,7 +514,11 @@ static int __swupdate_copy(int fdin, unsigned char *inbuf, void *out, size_t nby
 
 	if (encrypted) {
 		aes_key = get_aes_key();
-		if (imgivt && strlen(imgivt) && !ascii_to_bin(ivtbuf, sizeof(ivtbuf), imgivt)) {
+		if (imgivt && strlen(imgivt)) {
+			if(ascii_to_bin(ivtbuf, sizeof(ivtbuf), imgivt)) {
+				ERROR("invalid image ivt length");
+				return -EINVAL;
+			}
 			ivt = ivtbuf;
 		} else
 			ivt = get_aes_ivt();