Skip to content
Snippets Groups Projects
Commit f1c85688 authored by Konrad Beckmann's avatar Konrad Beckmann Committed by Tom Rini
Browse files

image-sig: Ensure that hashed-nodes is null-terminated 


A specially crafted FIT image leads to memory corruption in the stack
when using the verified boot feature. The function fit_config_check_sig
has a logic error that makes it possible to write past the end of the
stack allocated array node_inc. This could potentially be used to bypass
the signature check when using verified boot.

This change ensures that the number of strings is correct when counted.

Signed-off-by: default avatarKonrad Beckmann <konrad.beckmann@gmail.com>
Reviewed-by: default avatarSimon Glass <sjg@chromium.org>
parent ad5fbc6e
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 5 additions and 0 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment