Gitiles
Code Review Sign In
gerrit.devboardsforandroid.linaro.org / platform / external / u-boot / 9522956605205d23fe99142547ca3227574d418a^! / .
commit9522956605205d23fe99142547ca3227574d418a[log] [tgz]
authorBob Wolff <bob.wolff68@gmail.com>Tue Feb 27 15:57:03 2024 -0800
committerTom Rini <trini@konsulko.com>Thu Mar 07 07:41:41 2024 -0500
tree7bb5ff48beb02cd32ca5c94cb066ecbdc98a75ac
parent6eb682bc7ea398fad4aadb612c690884e73edc03 [diff]
Check curve_name for null to avoid crash

If mixed rsa and ecdsa keys are specified in dtsi, an rsa key can be sent
into the ecdsa verify. Without the ecdsa,curve property, this function will
crash due to lack of checking the null pointer return.

Signed-off-by: Bob Wolff <bob.wolff68@gmail.com>

diff --git a/lib/ecdsa/ecdsa-verify.c b/lib/ecdsa/ecdsa-verify.c
index 0601700..4d1835b 100644
--- a/lib/ecdsa/ecdsa-verify.c
+++ b/lib/ecdsa/ecdsa-verify.c

@@ -31,6 +31,11 @@
 	int x_len, y_len;
 
 	key->curve_name = fdt_getprop(fdt, node, "ecdsa,curve", NULL);
+	if (!key->curve_name) {
+		debug("Error: ecdsa cannot get 'ecdsa,curve' property from key. Likely not an ecdsa key.\n");
+		return -ENOMSG;
+	}
+
 	key->size_bits = ecdsa_key_size(key->curve_name);
 	if (key->size_bits == 0) {
 		debug("Unknown ECDSA curve '%s'", key->curve_name);