Prevent a buffer overflow in mkimage when signing with SHA256

Due to the FIT_MAX_HASH_LEN constant not having been updated to support SHA256 signatures one will always see a buffer overflow in fit_image_process_hash when signing images that use this larger hash. This is exposed by vboot_test.sh. Signed-off-by: Michael van der Westhuizen <michael@smart-africa.com> Acked-by: Simon Glass <sjg@chromium.org> [trini: Rework a bit so move the exportable parts of hash.h outside of !USE_HOSTCC and only need that as a new include to image.h] Signed-off-by: Tom Rini <trini@ti.com>
author: Michael van der Westhuizen <michael@smart-africa.com> 2014-05-30 20:59:00 +0200
committer: Tom Rini <trini@ti.com> 2014-06-05 17:01:23 -0400
commit: 1de7bb4f27745336c6d9cd5c2088748fcdaf699d (patch)
tree: fdb9041975fb651d4e5f4c54fbe164f4e5914a3f /include/image.h
parent: d835e91d56c15d24b1880ef16837e4919fb76bcf (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/include/image.h b/include/image.h
index 132abdf0559..b71e4ba35f6 100644
--- a/include/image.h
+++ b/include/image.h
@@ -45,6 +45,7 @@ struct lmb;
 #endif /* USE_HOSTCC */
 
 #if defined(CONFIG_FIT)
+#include <hash.h>
 #include <libfdt.h>
 #include <fdt_support.h>
 # ifdef CONFIG_SPL_BUILD
@@ -706,7 +707,7 @@ int bootz_setup(ulong image, ulong *start, ulong *end);
 #define FIT_FDT_PROP		"fdt"
 #define FIT_DEFAULT_PROP	"default"
 
-#define FIT_MAX_HASH_LEN	20	/* max(crc32_len(4), sha1_len(20)) */
+#define FIT_MAX_HASH_LEN	HASH_MAX_DIGEST_SIZE
 
 /* cmdline argument format parsing */
 int fit_parse_conf(const char *spec, ulong addr_curr,
author	Michael van der Westhuizen <michael@smart-africa.com>	2014-05-30 20:59:00 +0200
committer	Tom Rini <trini@ti.com>	2014-06-05 17:01:23 -0400
commit	1de7bb4f27745336c6d9cd5c2088748fcdaf699d (patch)
tree	fdb9041975fb651d4e5f4c54fbe164f4e5914a3f /include/image.h
parent	d835e91d56c15d24b1880ef16837e4919fb76bcf (diff)