]> git.dujemihanovic.xyz Git - u-boot.git/commit
Prevent a buffer overflow in mkimage when signing with SHA256
authorMichael van der Westhuizen <michael@smart-africa.com>
Fri, 30 May 2014 18:59:00 +0000 (20:59 +0200)
committerTom Rini <trini@ti.com>
Thu, 5 Jun 2014 21:01:23 +0000 (17:01 -0400)
commit1de7bb4f27745336c6d9cd5c2088748fcdaf699d
treefdb9041975fb651d4e5f4c54fbe164f4e5914a3f
parentd835e91d56c15d24b1880ef16837e4919fb76bcf
Prevent a buffer overflow in mkimage when signing with SHA256

Due to the FIT_MAX_HASH_LEN constant not having been updated
to support SHA256 signatures one will always see a buffer
overflow in fit_image_process_hash when signing images that
use this larger hash.  This is exposed by vboot_test.sh.

Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com>
Acked-by: Simon Glass <sjg@chromium.org>
[trini: Rework a bit so move the exportable parts of hash.h outside of
 !USE_HOSTCC and only need that as a new include to image.h]
Signed-off-by: Tom Rini <trini@ti.com>
include/hash.h
include/image.h