aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
authorHeinrich Schuchardt2022-08-31 21:13:40 +0200
committerTom Rini2022-09-15 09:57:11 -0400
commit0cd933bb4bd74084d942c42098ebf9e07d9e0f63 (patch)
treef3f4c2a9d5d19e8b548ce6ed98fbd5610d30bdd7 /lib
parent069f0d7506f6e256f9e2ade82e315ef976dfb9ba (diff)
lib: rsa: fix padding_pss_verify
Check the that the hash length is shorter than the message length. This avoids: ./tools/../lib/rsa/rsa-verify.c:275:11: warning: ‘*db’ may be used uninitialized [-Wmaybe-uninitialized] 275 | db[0] &= 0xff >> leftmost_bits; Fixes: 061daa0b61f0 ("rsa: add support of padding pss") Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com> Reviewed-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'lib')
-rw-r--r--lib/rsa/rsa-verify.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index 1d95cfbdee0..9605c376390 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -215,6 +215,8 @@ out:
* @msg_len: Message length
* @hash: Pointer to the expected hash
* @hash_len: Length of the hash
+ *
+ * Return: 0 if padding is correct, non-zero otherwise
*/
int padding_pss_verify(struct image_sign_info *info,
const uint8_t *msg, int msg_len,
@@ -234,6 +236,9 @@ int padding_pss_verify(struct image_sign_info *info,
uint8_t leftmost_mask;
struct checksum_algo *checksum = info->checksum;
+ if (db_len <= 0)
+ return -EINVAL;
+
/* first, allocate everything */
db_mask = malloc(db_len);
db = malloc(db_len);