Skip to content

Commit edaa67c

Browse files
bigbrettbigbrett
committed
add sanity checks on oneshot hash pointers
1 parent c8aa838 commit edaa67c

1 file changed

Lines changed: 12 additions & 0 deletions

File tree

src/image.c

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -988,6 +988,8 @@ static int header_sha256(wc_Sha256 *sha256_ctx, struct wolfBoot_image *img)
988988
#endif
989989
end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
990990
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
991+
if (end_sha <= p)
992+
return -1;
991993
wc_Sha256Update(sha256_ctx, p, (word32)(end_sha - p));
992994
#else
993995
{
@@ -1018,6 +1020,8 @@ static int image_sha256(struct wolfBoot_image *img, uint8_t *hash)
10181020
if (header_sha256(&sha256_ctx, img) != 0)
10191021
return -1;
10201022
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1023+
if (img->fw_base == NULL)
1024+
return -1;
10211025
wc_Sha256Update(&sha256_ctx, img->fw_base, img->fw_size);
10221026
#else
10231027
{
@@ -1091,6 +1095,8 @@ static int header_sha384(wc_Sha384 *sha384_ctx, struct wolfBoot_image *img)
10911095
#endif
10921096
end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
10931097
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1098+
if (end_sha <= p)
1099+
return -1;
10941100
wc_Sha384Update(sha384_ctx, p, (word32)(end_sha - p));
10951101
#else
10961102
{
@@ -1124,6 +1130,8 @@ static int image_sha384(struct wolfBoot_image *img, uint8_t *hash)
11241130
if (header_sha384(&sha384_ctx, img) != 0)
11251131
return -1;
11261132
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1133+
if (img->fw_base == NULL)
1134+
return -1;
11271135
wc_Sha384Update(&sha384_ctx, img->fw_base, img->fw_size);
11281136
#else
11291137
{
@@ -1200,6 +1208,8 @@ static int header_sha3_384(wc_Sha3 *sha3_ctx, struct wolfBoot_image *img)
12001208
wc_InitSha3_384(sha3_ctx, NULL, INVALID_DEVID);
12011209
end_sha = stored_sha - (2 * sizeof(uint16_t)); /* Subtract 2 Type + 2 Len */
12021210
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1211+
if (end_sha <= p)
1212+
return -1;
12031213
wc_Sha3_384_Update(sha3_ctx, p, (word32)(end_sha - p));
12041214
#else
12051215
{
@@ -1232,6 +1242,8 @@ static int image_sha3_384(struct wolfBoot_image *img, uint8_t *hash)
12321242
if (header_sha3_384(&sha3_ctx, img) != 0)
12331243
return -1;
12341244
#ifdef WOLFBOOT_IMG_HASH_ONESHOT
1245+
if (img->fw_base == NULL)
1246+
return -1;
12351247
wc_Sha3_384_Update(&sha3_ctx, img->fw_base, img->fw_size);
12361248
#else
12371249
{

0 commit comments

Comments
 (0)