On Wed, Nov 07, 2018 at 02:51:45PM -0500, Tom Rini wrote: > From: Konrad Beckmann <[email protected]> > > A specially crafted FIT image leads to memory corruption in the stack > when using the verified boot feature. The function fit_config_check_sig > has a logic error that makes it possible to write past the end of the > stack allocated array node_inc. This could potentially be used to bypass > the signature check when using verified boot. > > This change ensures that the number of strings is correct when counted. > > Signed-off-by: Konrad Beckmann <[email protected]> > Reviewed-by: Simon Glass <[email protected]>
Applied to u-boot/master, thanks! -- Tom
signature.asc
Description: PGP signature
_______________________________________________ U-Boot mailing list [email protected] https://lists.denx.de/listinfo/u-boot
