diff options
author | AKASHI Takahiro <takahiro.akashi@linaro.org> | 2020-04-21 09:38:57 +0900 |
---|---|---|
committer | Heinrich Schuchardt <xypron.glpk@gmx.de> | 2020-05-04 12:26:11 +0200 |
commit | 964d5326c91ab1fd891a26cbd7a1c98b7fc42014 (patch) | |
tree | a24bdad3435092abf4e0bd863a41066ca5332c99 | |
parent | e3f5c9cb0fcc95aa9287b5f8609294fe1a59b9da (diff) |
efi_loader: fix unreachable statement in efi_sigstore_parse_siglist
"if (left < esl->signature_size)" is not reachable in a while loop.
But it is still valuable in case that a given signature database is
somehow corrupted. So fix the while loop condition.
Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
-rw-r--r-- | lib/efi_loader/efi_signature.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c index 150ce41f36..4ad818d5ee 100644 --- a/lib/efi_loader/efi_signature.c +++ b/lib/efi_loader/efi_signature.c @@ -667,7 +667,7 @@ efi_sigstore_parse_siglist(struct efi_signature_list *esl) esd = (struct efi_signature_data *) ((u8 *)esl + sizeof(*esl) + esl->signature_header_size); - while ((left > 0) && left >= esl->signature_size) { + while (left > 0) { /* Signature must exist if there is remaining data. */ if (left < esl->signature_size) { debug("Certificate is too small\n"); |