lib: rsa: fix padding_pss_verify 49/297449/2
authorHeinrich Schuchardt <heinrich.schuchardt@canonical.com>
Wed, 31 Aug 2022 19:13:40 +0000 (21:13 +0200)
committerSeung-Woo Kim <sw0312.kim@samsung.com>
Mon, 21 Aug 2023 04:38:20 +0000 (04:38 +0000)
Check the that the hash length is shorter than the message length. This
avoids:

    ./tools/../lib/rsa/rsa-verify.c:275:11: warning:
    ‘*db’ may be used uninitialized [-Wmaybe-uninitialized]
      275 |         db[0] &= 0xff >> leftmost_bits;

Fixes: 061daa0b61f0 ("rsa: add support of padding pss")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
[sw0312.kim: backport upstream commit 0cd933bb4bd7 to remove build warning]
Signed-off-by: Seung-Woo Kim <sw0312.kim@samsung.com>
Change-Id: Ia65f431ee3722af8b1f11b4e8e3033fc058df826

lib/rsa/rsa-verify.c

index 1d95cfb..9605c37 100644 (file)
@@ -215,6 +215,8 @@ out:
  * @msg_len:   Message length
  * @hash:      Pointer to the expected hash
  * @hash_len:  Length of the hash
+ *
+ * Return:     0 if padding is correct, non-zero otherwise
  */
 int padding_pss_verify(struct image_sign_info *info,
                       const uint8_t *msg, int msg_len,
@@ -234,6 +236,9 @@ int padding_pss_verify(struct image_sign_info *info,
        uint8_t leftmost_mask;
        struct checksum_algo *checksum = info->checksum;
 
+       if (db_len <= 0)
+               return -EINVAL;
+
        /* first, allocate everything */
        db_mask = malloc(db_len);
        db = malloc(db_len);