authorRandall Spangler <rspangler@chromium.org>2016-09-02 12:21:55 -0700
committerchrome-bot <chrome-bot@chromium.org>2016-09-06 22:02:16 -0700
commit0efc4f3ee111d28cf22060a22ad591427dc7eb7f (patch)
tree57d1af3c399effad787e63ac8bdbbdcf4b780a1d
parent470b24816681dc1781e1b280980d9448d2c1af96 (diff)
futility: Fix lookup of invalid algorithm names
If given a malformed file with an invalid algorithm, futility could dereference null when looking up the algorithm names. BUG=chromium:643769 BRANCH=none TEST=make runtests Change-Id: I26d1312b8bf2eec8d806664708676daa9f36fa58 Signed-off-by: Randall Spangler <rspangler@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/380522 Reviewed-by: Stefan Reinauer <reinauer@chromium.org>
-rw-r--r--futility/file_type_rwsig.c7
-rw-r--r--futility/file_type_usbpd1.c4
-rw-r--r--futility/vb2_helper.c14
-rw-r--r--host/lib21/host_key.c24
-rw-r--r--host/lib21/include/host_key2.h9
5 files changed, 24 insertions, 34 deletions
diff --git a/futility/file_type_rwsig.c b/futility/file_type_rwsig.c
index c2d7fbf6..40669a6b 100644
--- a/futility/file_type_rwsig.c
+++ b/futility/file_type_rwsig.c
@@ -42,16 +42,13 @@ static inline void vb2_print_bytes(const void *ptr, uint32_t len)
static void show_sig(const char *name, const struct vb21_signature *sig)
{
- const struct vb2_text_vs_enum *entry;
printf("Signature: %s\n", name);
printf(" Vboot API: 2.1\n");
printf(" Desc: \"%s\"\n", vb21_common_desc(sig));
- entry = vb2_lookup_by_num(vb2_text_vs_sig, sig->sig_alg);
printf(" Signature Algorithm: %d %s\n", sig->sig_alg,
- entry ? entry->name : "(invalid)");
- entry = vb2_lookup_by_num(vb2_text_vs_hash, sig->hash_alg);
+ vb2_get_sig_algorithm_name(sig->sig_alg));
printf(" Hash Algorithm: %d %s\n", sig->hash_alg,
- entry ? entry->name : "(invalid)");
+ vb2_get_hash_algorithm_name(sig->hash_alg));
printf(" Total size: 0x%x (%d)\n", sig->c.total_size,
sig->c.total_size);
printf(" ID: ");
diff --git a/futility/file_type_usbpd1.c b/futility/file_type_usbpd1.c
index 18485cc8..81430855 100644
--- a/futility/file_type_usbpd1.c
+++ b/futility/file_type_usbpd1.c
@@ -354,8 +354,8 @@ static void show_usbpd1_stuff(const char *name,
printf("USB-PD v1 image: %s\n", name);
printf(" Algorithm: %s %s\n",
- vb2_lookup_by_num(vb2_text_vs_sig, sig_alg)->name,
- vb2_lookup_by_num(vb2_text_vs_hash, hash_alg)->name);
+ vb2_get_sig_algorithm_name(sig_alg),
+ vb2_get_hash_algorithm_name(hash_alg));
printf(" Key sha1sum: ");
for (i = 0; i < VB2_SHA1_DIGEST_SIZE; i++)
printf("%02x", sha1sum[i]);
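Review bot: The Algorithm line in show_usbpd1_stuff prints only the two names, so for a malformed image both fields can collapse to the invalid-name placeholder and the raw sig_alg and hash_alg values are lost. The other call sites touched by this commit print `%d %s`, which keeps the out-of-range number visible when triaging a bad file. Consider the same here, e.g. `printf(" Algorithm: %d %s %d %s\n", sig_alg, vb2_get_sig_algorithm_name(sig_alg), hash_alg, vb2_get_hash_algorithm_name(hash_alg));`. This assumes both variables are integer or enum types, since their declarations are outside the hunk, and that nothing parses the current format of this line. show_usbpd1_stuff starts and ends outside the hunk.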
diff --git a/futility/vb2_helper.c b/futility/vb2_helper.c
index d953f2f5..6f36af78 100644
--- a/futility/vb2_helper.c
+++ b/futility/vb2_helper.c
@@ -93,7 +93,6 @@ int ft_show_vb21_pubkey(const char *name, uint8_t *buf, uint32_t len,
void *data)
{
struct vb2_public_key key;
- const struct vb2_text_vs_enum *entry;
uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
/* The key's members will point into the state buffer after this. Don't
@@ -104,12 +103,10 @@ int ft_show_vb21_pubkey(const char *name, uint8_t *buf, uint32_t len,
printf("Public Key file: %s\n", name);
printf(" Vboot API: 2.1\n");
printf(" Desc: \"%s\"\n", key.desc);
- entry = vb2_lookup_by_num(vb2_text_vs_sig, key.sig_alg);
printf(" Signature Algorithm: %d %s\n", key.sig_alg,
- entry ? entry->name : "(invalid)");
- entry = vb2_lookup_by_num(vb2_text_vs_hash, key.hash_alg);
+ vb2_get_sig_algorithm_name(key.sig_alg));
printf(" Hash Algorithm: %d %s\n", key.hash_alg,
- entry ? entry->name : "(invalid)");
+ vb2_get_hash_algorithm_name(key.hash_alg));
printf(" Version: 0x%08x\n", key.version);
printf(" ID: ");
vb2_print_bytes(key.id, sizeof(*key.id));
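Review bot: `key.desc` is passed to `%s` unguarded in ft_show_vb21_pubkey, while the private-key printer later in this file uses `key->desc ? key->desc : ""`. If the unpack step can leave desc NULL for a malformed file (not visible in this hunk), that is the same class of null dereference this commit fixes for algorithm names. Changing the line to `printf(" Desc: \"%s\"\n", key.desc ? key.desc : "");` would make the two printers consistent. The function body starts and ends outside the hunk.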
@@ -142,7 +139,6 @@ int ft_show_vb21_privkey(const char *name, uint8_t *buf, uint32_t len,
void *data)
{
struct vb2_private_key *key = 0;
- const struct vb2_text_vs_enum *entry;
uint8_t sha1sum[VB2_SHA1_DIGEST_SIZE];
if (VB2_SUCCESS != vb21_private_key_unpack(&key, buf, len))
@@ -151,12 +147,10 @@ int ft_show_vb21_privkey(const char *name, uint8_t *buf, uint32_t len,
printf("Private key file: %s\n", name);
printf(" Vboot API: 2.1\n");
printf(" Desc: \"%s\"\n", key->desc ? key->desc : "");
- entry = vb2_lookup_by_num(vb2_text_vs_sig, key->sig_alg);
printf(" Signature Algorithm: %d %s\n", key->sig_alg,
- entry ? entry->name : "(invalid)");
- entry = vb2_lookup_by_num(vb2_text_vs_hash, key->hash_alg);
+ vb2_get_sig_algorithm_name(key->sig_alg));
printf(" Hash Algorithm: %d %s\n", key->hash_alg,
- entry ? entry->name : "(invalid)");
+ vb2_get_hash_algorithm_name(key->hash_alg));
printf(" ID: ");
vb2_print_bytes(&key->id, sizeof(key->id));
printf("\n");
diff --git a/host/lib21/host_key.c b/host/lib21/host_key.c
index c7ded210..4ef18d88 100644
--- a/host/lib21/host_key.c
+++ b/host/lib21/host_key.c
@@ -18,22 +18,6 @@
#include "host_key2.h"
#include "host_misc.h"
-struct vb2_text_vs_enum vb2_text_vs_algorithm[] = {
- {"RSA1024 SHA1", VB2_ALG_RSA1024_SHA1},
- {"RSA1024 SHA256", VB2_ALG_RSA1024_SHA256},
- {"RSA1024 SHA512", VB2_ALG_RSA1024_SHA512},
- {"RSA2048 SHA1", VB2_ALG_RSA2048_SHA1},
- {"RSA2048 SHA256", VB2_ALG_RSA2048_SHA256},
- {"RSA2048 SHA512", VB2_ALG_RSA2048_SHA512},
- {"RSA4096 SHA1", VB2_ALG_RSA4096_SHA1},
- {"RSA4096 SHA256", VB2_ALG_RSA4096_SHA256},
- {"RSA4096 SHA512", VB2_ALG_RSA4096_SHA512},
- {"RSA8192 SHA1", VB2_ALG_RSA8192_SHA1},
- {"RSA8192 SHA256", VB2_ALG_RSA8192_SHA256},
- {"RSA8192 SHA512", VB2_ALG_RSA8192_SHA512},
- {0, 0}
-};
-
struct vb2_text_vs_enum vb2_text_vs_sig[] = {
{"RSA1024", VB2_SIG_RSA1024},
{"RSA2048", VB2_SIG_RSA2048},
@@ -69,6 +53,14 @@ const struct vb2_text_vs_enum *vb2_lookup_by_name(
return 0;
}
+const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg)
+{
+ const struct vb2_text_vs_enum *entry =
+ vb2_lookup_by_num(vb2_text_vs_sig, sig_alg);
+
+ return entry ? entry->name : VB2_INVALID_ALG_NAME;
+}
+
void vb2_private_key_free(struct vb2_private_key *key)
{
if (!key)
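Review bot: No regression test accompanies vb2_get_sig_algorithm_name. The diffstat lists only futility and host/lib21 sources, so the invalid-algorithm path is covered only by whatever `make runtests` already exercised. A small unit test that calls the helper with a value absent from vb2_text_vs_sig and checks that the result is non-NULL and equal to VB2_INVALID_ALG_NAME would pin the fix. A malformed USB-PD image fixture run through futility would cover the call site that previously dereferenced the lookup result directly. The definition here also has no comment of its own; a one-line `/* See host_key2.h for the contract. */` above it would point readers to the header documentation.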
diff --git a/host/lib21/include/host_key2.h b/host/lib21/include/host_key2.h
index e109cb19..4681a5f4 100644
--- a/host/lib21/include/host_key2.h
+++ b/host/lib21/include/host_key2.h
@@ -55,11 +55,18 @@ const struct vb2_text_vs_enum *vb2_lookup_by_name(
const struct vb2_text_vs_enum *table,
const char *name);
-extern struct vb2_text_vs_enum vb2_text_vs_algorithm[];
extern struct vb2_text_vs_enum vb2_text_vs_sig[];
extern struct vb2_text_vs_enum vb2_text_vs_hash[];
/**
+ * Return the name of a signature algorithm.
+ *
+ * @param sig_alg Signature algorithm to look up
+ * @return The corresponding name, or VB2_INVALID_ALG_NAME if no match.
+ */
+const char *vb2_get_sig_algorithm_name(enum vb2_signature_algorithm sig_alg);
+
+/**
* Free a private key.
*
* @param key Key containing internal data to free.