Skip to content

Commit e5ea4aa

Browse files
bigbrettdanielinux
bigbrett
authored and
danielinux
committed
add sanity checks on oneshot hash pointers
1 parent f7ea40f commit e5ea4aa

File tree

1 file changed

+12
-0
lines changed

1 file changed

+12
-0
lines changed

src/image.c

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -989,6 +989,8 @@ static int header_sha256(wc_Sha256 *sha256_ctx, struct wolfBoot_image *img)
989989
#endif
990990
end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
991991
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
992+
if (end_sha <= p)
993+
return -1;
992994
wc_Sha256Update(sha256_ctx, p, (word32)(end_sha - p));
993995
#else
994996
{
@@ -1019,6 +1021,8 @@ static int image_sha256(struct wolfBoot_image *img, uint8_t *hash)
10191021
if (header_sha256(&sha256_ctx, img) != 0)
10201022
return -1;
10211023
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1024+
if (img->fw_base == NULL)
1025+
return -1;
10221026
wc_Sha256Update(&sha256_ctx, img->fw_base, img->fw_size);
10231027
#else
10241028
{
@@ -1092,6 +1096,8 @@ static int header_sha384(wc_Sha384 *sha384_ctx, struct wolfBoot_image *img)
10921096
#endif
10931097
end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
10941098
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1099+
if (end_sha <= p)
1100+
return -1;
10951101
wc_Sha384Update(sha384_ctx, p, (word32)(end_sha - p));
10961102
#else
10971103
{
@@ -1125,6 +1131,8 @@ static int image_sha384(struct wolfBoot_image *img, uint8_t *hash)
11251131
if (header_sha384(&sha384_ctx, img) != 0)
11261132
return -1;
11271133
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1134+
if (img->fw_base == NULL)
1135+
return -1;
11281136
wc_Sha384Update(&sha384_ctx, img->fw_base, img->fw_size);
11291137
#else
11301138
{
@@ -1201,6 +1209,8 @@ static int header_sha3_384(wc_Sha3 *sha3_ctx, struct wolfBoot_image *img)
12011209
wc_InitSha3_384(sha3_ctx, NULL, INVALID_DEVID);
12021210
end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
12031211
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1212+
if (end_sha <= p)
1213+
return -1;
12041214
wc_Sha3_384_Update(sha3_ctx, p, (word32)(end_sha - p));
12051215
#else
12061216
{
@@ -1233,6 +1243,8 @@ static int image_sha3_384(struct wolfBoot_image *img, uint8_t *hash)
12331243
if (header_sha3_384(&sha3_ctx, img) != 0)
12341244
return -1;
12351245
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1246+
if (img->fw_base == NULL)
1247+
return -1;
12361248
wc_Sha3_384_Update(&sha3_ctx, img->fw_base, img->fw_size);
12371249
#else
12381250
{

0 commit comments

Comments
 (0)