
13 Nov 2018, 8:54 p.m.
On 7 November 2018 at 11:51, Tom Rini trini@konsulko.com wrote:
From: Konrad Beckmann konrad.beckmann@gmail.com
A specially crafted FIT image leads to memory corruption in the stack when using the verified boot feature. The function fit_config_check_sig has a logic error that makes it possible to write past the end of the stack allocated array node_inc. This could potentially be used to bypass the signature check when using verified boot.
This change ensures that the number of strings is correct when counted.
Signed-off-by: Konrad Beckmann konrad.beckmann@gmail.com
common/image-sig.c | 5 +++++
1 file changed, 5 insertions(+)
Reviewed-by: Simon Glass sjg@chromium.org
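
Added example, not part of this mail thread and not U-Boot's code: the patch body is not shown here, so this sketches the general defensive pattern the commit message points at, validating a packed list of NUL-terminated strings before its entries are stored in a fixed-size stack array. The names split_string_list, check and MAX_NODES, and the sample properties, are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_NODES 4 /* hypothetical bound, kept small so the sample can exceed it */

/*
 * Split a property holding NUL-terminated strings packed back to back
 * into out[]. Returns the number of strings, or -1 if the property is
 * malformed or holds more entries than out[] has room for.
 */
int split_string_list(const char *prop, int prop_len,
                      const char *out[], int max_out)
{
    const char *end, *name;
    int count = 0;

    if (!prop || prop_len <= 0)
        return -1;
    /* Without a final NUL, strlen() below would read past the property
     * and a count based on NUL bytes would miss the last string. */
    if (prop[prop_len - 1] != '\0')
        return -1;

    end = prop + prop_len;
    for (name = prop; name < end; name += strlen(name) + 1) {
        if (count >= max_out) /* bound every store into the array */
            return -1;
        out[count++] = name;
    }
    return count;
}

/* Constructed sample properties; sizeof() includes the literal's final NUL. */
static const char good[] = "/\0/configurations/conf\0/images/kernel";
static const char unterminated[] = { '/', '\0', '/', 'a' };
static const char too_many[] = "a\0b\0c\0d\0e";

/* Mirrors the risky shape: a fixed-size array of name pointers on the stack. */
int check(const char *prop, int len)
{
    const char *nodes[MAX_NODES];
    return split_string_list(prop, len, nodes, MAX_NODES);
}

int main(void)
{
    printf("%d %d %d\n", check(good, (int)sizeof(good)),
           check(unterminated, (int)sizeof(unterminated)),
           check(too_many, (int)sizeof(too_many)));
    return 0;
}
```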