| Message ID | 7DD9C9A9-D0D5-4D3B-98A8-53B35723284C@smart-africa.com |
|---|---|
| State | Superseded, archived |
| Headers | show |
Hi Michael, On 26 May 2014 07:09, Michael van der Westhuizen <michael@smart-africa.com> wrote: > Due to the FIT_MAX_HASH_LEN constant not having been updated > to support SHA256 signatures one will always see a buffer > overflow in fit_image_process_hash when signing images that > use this larger hash. This is exposed by vboot_test.sh. > > Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> > --- > Changes in v2: > * Use the HASH_MAX_DIGEST_SIZE constant from hash.h for the > FIT_MAX_HASH_LEN. > * Hide use of struct lmb behind USE_HOSTCC being undefined. This seems to have whitespace problems, or it could be your mailer. There should be tabs in there somewhere. Did you use patman to check/send? Regards, Simon
Hi Simon, That's very odd. I'll regenerate the patch and resend. I'm using git send-email, so things should not be getting mangled. Michael On 30 May 2014, at 8:42 PM, Simon Glass <sjg@chromium.org> wrote: > Hi Michael, > > On 26 May 2014 07:09, Michael van der Westhuizen > <michael@smart-africa.com> wrote: >> Due to the FIT_MAX_HASH_LEN constant not having been updated >> to support SHA256 signatures one will always see a buffer >> overflow in fit_image_process_hash when signing images that >> use this larger hash. This is exposed by vboot_test.sh. >> >> Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> >> --- >> Changes in v2: >> * Use the HASH_MAX_DIGEST_SIZE constant from hash.h for the >> FIT_MAX_HASH_LEN. >> * Hide use of struct lmb behind USE_HOSTCC being undefined. > > This seems to have whitespace problems, or it could be your mailer. > There should be tabs in there somewhere. Did you use patman to > check/send? > > Regards, > Simon
diff --git a/include/image.h b/include/image.h index 1886168..cbbdf26 100644 --- a/include/image.h +++ b/include/image.h @@ -45,6 +45,8 @@ struct lmb; #endif /* USE_HOSTCC */ #if defined(CONFIG_FIT) +#include <command.h> +#include <hash.h> #include <libfdt.h> #include <fdt_support.h> # ifdef CONFIG_SPL_BUILD @@ -328,7 +330,7 @@ typedef struct bootm_headers { #define BOOTM_STATE_OS_GO (0x00000400) int state; -#ifdef CONFIG_LMB +#if defined(CONFIG_LMB) && !defined(USE_HOSTCC) struct lmb lmb; /* for memory mgmt */ #endif } bootm_headers_t; @@ -703,7 +705,7 @@ int bootz_setup(ulong image, ulong *start, ulong *end); #define FIT_FDT_PROP "fdt" #define FIT_DEFAULT_PROP "default" -#define FIT_MAX_HASH_LEN 20 /* max(crc32_len(4), sha1_len(20)) */ +#define FIT_MAX_HASH_LEN HASH_MAX_DIGEST_SIZE /* cmdline argument format parsing */ int fit_parse_conf(const char *spec, ulong addr_curr,
Due to the FIT_MAX_HASH_LEN constant not having been updated to support SHA256 signatures one will always see a buffer overflow in fit_image_process_hash when signing images that use this larger hash. This is exposed by vboot_test.sh. Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> --- Changes in v2: * Use the HASH_MAX_DIGEST_SIZE constant from hash.h for the FIT_MAX_HASH_LEN. * Hide use of struct lmb behind USE_HOSTCC being undefined. include/image.h | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)