common: fit-sig: Fix error message in fit_config_verify_sig()

In fit_config_verify_sig(), when no 'signature*' subnode exists in
the configuration node, the fdt_for_each_subnode() loop is a no-op.
Therefore, no error flags are set, and 'err_,sg' is not populated
with an error string. This is incorrect behavior.

Populate err_msg to indicate that no 'signature' is found, before
entering the loop. The first call to fit_image_verify_sig() will
override clear err_msg, or set it to a more specific message.

Signed-off-by: Alexandru Gagniuc <mr.nuke.me@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>

diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c
index d39741e..31cc580 100644 (file)
--- a/common/image-fit-sig.c
+++ b/common/image-fit-sig.c
@@ -360,7 +360,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset,
                                 const void *sig_blob, int sig_offset)
 {
        int noffset;
-       char *err_msg = "";
+       char *err_msg = "No 'signature' subnode found";
        int verified = 0;
        int ret;