In fit_config_verify_sig(), when no 'signature*' subnode exists in the configuration node, the fdt_for_each_subnode() loop is a no-op. Therefore, no error flags are set, and 'err_,sg' is not populated with an error string. This is incorrect behavior.

Populate err_msg to indicate that no 'signature' is found, before entering the loop. The first call to fit_image_verify_sig() will override clear err_msg, or set it to a more specific message.

Signed-off-by: Alexandru Gagniuc mr.nuke.me@gmail.com --- common/image-fit-sig.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/common/image-fit-sig.c b/common/image-fit-sig.c index 7fcbb47235..f8a68b08dc 100644 --- a/common/image-fit-sig.c +++ b/common/image-fit-sig.c @@ -374,7 +374,7 @@ static int fit_config_verify_sig(const void *fit, int conf_noffset, const void *sig_blob, int sig_offset) { int noffset; - char *err_msg = ""; + char *err_msg = "No 'signature' subnode found"; int verified = 0; int ret;