Check curve_name for null to avoid crash

If mixed rsa and ecdsa keys are specified in dtsi, an rsa key can be sent
into the ecdsa verify. Without the ecdsa,curve property, this function will
crash due to lack of checking the null pointer return.

Signed-off-by: Bob Wolff <bob.wolff68@gmail.com>

diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c
index 0601700c4fc61d309e60d5aaefa770c9af7037a0..4d1835b598afc304ebe4e5ff7f7cef6d87b18622 100644 (file)
--- a/lib/ecdsa/ecdsa-verify.c
+++ b/lib/ecdsa/ecdsa-verify.c
@@ -31,6 +31,11 @@ static int fdt_get_key(struct ecdsa_public_key *key, const void *fdt, int node)
        int x_len, y_len;
 
        key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
+       if (!key->curve_name) {
+               debug("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely not an ecdsa key.\n");
+               return -ENOMSG;
+       }
+
        key->size_bits = ecdsa_key_size(key->curve_name);
        if (key->size_bits == 0) {
                debug("Unknown ECDSA curve '%s'", key->curve_name);