Package: imx-code-signing-tool

Package: imx-code-signing-tool / 3.3.0+dfsg2-1

Metadata

Package	Version	Patches format
imx-code-signing-tool	3.3.0+dfsg2-1	3.0 (quilt)

Patch series

view the series file

Patch	File delta	Description
0001 Use correct types for sizes to avoid overwriting unr.patch \| (download)	code/cst/code/back_end/src/adapt_layer_openssl.c \| 4 2 + 2 - 0 ! code/cst/code/back_end/src/ssl_wrapper.c \| 5 3 + 2 - 0 ! code/cst/code/front_end/hdr/csf.h \| 2 1 + 1 - 0 ! code/cst/code/front_end/src/acst.c \| 2 1 + 1 - 0 ! code/cst/code/front_end/src/csf_cmd_aut_dat.c \| 2 1 + 1 - 0 ! code/cst/code/front_end/src/cst.c \| 12 6 + 6 - 0 ! 6 files changed, 14 insertions(+), 13 deletions(-)	use correct types for sizes to avoid overwriting unrelated data sig_size is declared as uint32_t, but later typecast to size_t, which is significantly wider on 64-bit architectures. To avoid potential issues in other places, promote sizes and lengths to size_t/ssize_t where this makes sense Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>
0002 Check the hash algorithm before possibly failing to .patch \| (download)	code/cst/code/front_end/src/acst.c \| 9 5 + 4 - 0 ! 1 file changed, 5 insertions(+), 4 deletions(-)	check the hash algorithm before (possibly failing to) malloc malloc only accepts unsigned sizes, so failing to catch a negative size as an errorcode will result in a malloc call with an enormous value, leading to an allocation failure and a nonsensical error message. Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>

Patch

File delta

Description

0001 Use correct types for sizes to avoid overwriting unr.patch | (download)

code/cst/code/back_end/src/adapt_layer_openssl.c | 4 2 + 2 - 0 !
code/cst/code/back_end/src/ssl_wrapper.c | 5 3 + 2 - 0 !
code/cst/code/front_end/hdr/csf.h | 2 1 + 1 - 0 !
code/cst/code/front_end/src/acst.c | 2 1 + 1 - 0 !
code/cst/code/front_end/src/csf_cmd_aut_dat.c | 2 1 + 1 - 0 !
code/cst/code/front_end/src/cst.c | 12 6 + 6 - 0 !
6 files changed, 14 insertions(+), 13 deletions(-)

 use correct types for sizes to avoid overwriting unrelated data

sig_size is declared as uint32_t, but later typecast to size_t,
which is significantly wider on 64-bit architectures.

To avoid potential issues in other places, promote sizes and lengths
to size_t/ssize_t where this makes sense

Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>

0002 Check the hash algorithm before possibly failing to .patch | (download)

code/cst/code/front_end/src/acst.c | 9 5 + 4 - 0 !
1 file changed, 5 insertions(+), 4 deletions(-)

 check the hash algorithm before (possibly failing to) malloc

malloc only accepts unsigned sizes, so failing to catch a negative
size as an errorcode will result in a malloc call with an enormous
value, leading to an allocation failure and a nonsensical error
message.

Signed-off-by: Andrej Shadura <andrew.shadura@collabora.co.uk>