]> git.ipfire.org Git - thirdparty/u-boot.git/commitdiff
projects / thirdparty / u-boot.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 41713b9)
ecdsa: fix segfault in mkimage when "-r" option is not set
authorLucas Dietrich <ld.adecy@gmail.com>
Mon, 7 Jul 2025 15:55:50 +0000 (17:55 +0200)
committerTom Rini <trini@konsulko.com>
Mon, 14 Jul 2025 21:16:45 +0000 (15:16 -0600)
Fix a segmentation fault in the ECDSA signing logic of `mkimage`
that occurs when the "-r" option is not specified.

This reproduces the logic in `lib/rsa/rsa-sign.c` by checking if
`info->require_keys` is non-null before passing it to
`fdt_setprop_string()`.

Signed-off-by: Lucas Dietrich <lucas.dietrich.git@proton.me>
lib/ecdsa/ecdsa-libcrypto.c patch | blob | blame | history

diff --git a/lib/ecdsa/ecdsa-libcrypto.c b/lib/ecdsa/ecdsa-libcrypto.c
index 7415d685ee1b5ca0b84317d0842d93324117c597..c4bfb2cec61aa58a1bbcbb22cb0177ccd125bb6b 100644 (file)
--- a/lib/ecdsa/ecdsa-libcrypto.c
+++ b/lib/ecdsa/ecdsa-libcrypto.c
@@ -519,10 +519,12 @@ static int do_add(struct signer *ctx, void *fdt, const char *key_node_name,
        if (ret < 0)
                return ret;
 
-       ret = fdt_setprop_string(fdt, key_node, FIT_KEY_REQUIRED,
-                                info->require_keys);
-       if (ret < 0)
-               return ret;
+       if (info->require_keys) {
+               ret = fdt_setprop_string(fdt, key_node, FIT_KEY_REQUIRED,
+                                        info->require_keys);
+               if (ret < 0)
+                       return ret;
+       }
 
        return key_node;
 }
"Das U-Boot" Source Tree