| Message ID | 20200421003857.16190-1-takahiro.akashi@linaro.org |
|---|---|
| State | Accepted |
| Commit | 964d5326c91ab1fd891a26cbd7a1c98b7fc42014 |
| Headers | show |
| Series | efi_loader: fixe unreachable statement in efi_sigstore_parse_siglist | expand |
On 4/21/20 2:38 AM, AKASHI Takahiro wrote: > "if (left < esl->signature_size)" is not reachable in a while loop. > But it is still valuable in case that a given signature database is > somehow corrupted. So fix the while loop condition. > > Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org> > Reported-by: Heinrich Schuchardt <xypron.glpk at gmx.de> Reviewed-by: Heinrich Schuchardt <xypron.glpk at gmx.de> > --- > lib/efi_loader/efi_signature.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c > index 0ead10203aeb..b392e72fefcd 100644 > --- a/lib/efi_loader/efi_signature.c > +++ b/lib/efi_loader/efi_signature.c > @@ -668,7 +668,7 @@ efi_sigstore_parse_siglist(struct efi_signature_list *esl) > esd = (struct efi_signature_data *) > ((u8 *)esl + sizeof(*esl) + esl->signature_header_size); > > - while ((left > 0) && left >= esl->signature_size) { > + while (left > 0) { > /* Signature must exist if there is remaining data. */ > if (left < esl->signature_size) { > debug("Certificate is too small\n"); >
On 5/1/20 8:13 AM, Heinrich Schuchardt wrote: > On 4/21/20 2:38 AM, AKASHI Takahiro wrote: >> "if (left < esl->signature_size)" is not reachable in a while loop. >> But it is still valuable in case that a given signature database is >> somehow corrupted. So fix the while loop condition. >> >> Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org> >> Reported-by: Heinrich Schuchardt <xypron.glpk at gmx.de> > Reviewed-by: Heinrich Schuchardt <xypron.glpk at gmx.de> > Patch is merged. Thanks Heinrich
diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c index 0ead10203aeb..b392e72fefcd 100644 --- a/lib/efi_loader/efi_signature.c +++ b/lib/efi_loader/efi_signature.c @@ -668,7 +668,7 @@ efi_sigstore_parse_siglist(struct efi_signature_list *esl) esd = (struct efi_signature_data *) ((u8 *)esl + sizeof(*esl) + esl->signature_header_size); - while ((left > 0) && left >= esl->signature_size) { + while (left > 0) { /* Signature must exist if there is remaining data. */ if (left < esl->signature_size) { debug("Certificate is too small\n");
"if (left < esl->signature_size)" is not reachable in a while loop. But it is still valuable in case that a given signature database is somehow corrupted. So fix the while loop condition. Signed-off-by: AKASHI Takahiro <takahiro.akashi at linaro.org> Reported-by: Heinrich Schuchardt <xypron.glpk at gmx.de> --- lib/efi_loader/efi_signature.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)