Mirrors/u-boot
2
0
Fork 0
mirror of https://github.com/AsahiLinux/u-boot synced 2024-11-11 07:34:31 +00:00
Code Issues Projects Releases Packages Wiki Activity

efi_loader: error handling in tcg2_hash_pe_image()

Browse source 
If the hard coded array hash_algo_list[] contains an entry for an
unsupported algorithm, we should not leak resources new_efi and regs.

We should still extend the log with the digests for the supported
algorithms and not write any message.

The same holds true of tcg2_create_digest(): just continue in case
hash_algo_list[] contains an unsupported entry.

Fixes: 163a0d7e2c ("efi_loader: add PE/COFF image measurement")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Ilias Apalodimas <ilias.apalodimas@linaro.org>
This commit is contained in:
Heinrich Schuchardt 2023-07-31 14:11:34 +02:00
parent ba27563093
commit d12c3efe53
1 changed files with 2 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
lib/efi_loader/efi_tcg2.c
View file

@ -706,8 +706,7 @@ static efi_status_t tcg2_create_digest(const u8 *input, u32 length,
sha512_finish(&ctx_512, final);
break;
default:
EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
return EFI_INVALID_PARAMETER;
continue;
}
digest_list->digests[digest_list->count].hash_alg = hash_alg;
memcpy(&digest_list->digests[digest_list->count].digest, final,
@ -930,8 +929,7 @@ static efi_status_t tcg2_hash_pe_image(void *efi, u64 efi_size,
hash_calculate("sha512", regs->reg, regs->num, hash);
break;
default:
EFI_PRINT("Unsupported algorithm %x\n", hash_alg);
return EFI_INVALID_PARAMETER;
continue;
}
digest_list->digests[digest_list->count].hash_alg = hash_alg;
memcpy(&digest_list->digests[digest_list->count].digest, hash,