From: Anton Moryakov <ant.v.moryakov@gmail.com>
Date: Tue, 25 Feb 2025 13:53:27 +0000 (+0300)
Subject: lib: rsa: add NULL check for 'algo' in
X-Git-Tag: v2025.07-rc1~18^2~40
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=babc6eef2f48970f394816c955a4a7481ce8df80;p=pandora-u-boot.git

lib: rsa: add NULL check for 'algo' in

- Check return value of fdt_getprop for NULL.
- Return -EFAULT if 'algo' property is missing.
- Prevent NULL pointer dereference in strcmp."

Triggers found by static analyzer Svace.

Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
---

diff --git a/lib/rsa/rsa-verify.c b/lib/rsa/rsa-verify.c
index b74aaf86e6d..4a0418a75f1 100644
--- a/lib/rsa/rsa-verify.c
+++ b/lib/rsa/rsa-verify.c
@@ -449,6 +449,11 @@ static int rsa_verify_with_keynode(struct image_sign_info *info,
 	}
 
 	algo = fdt_getprop(blob, node, "algo", NULL);
+	if (!algo) {
+		debug("%s: Missing 'algo' property\n", __func__);
+		return -EFAULT;
+	}
+
 	if (strcmp(info->name, algo)) {
 		debug("%s: Wrong algo: have %s, expected %s\n", __func__,
 		      info->name, algo);