On Thu, 13 Mar 2025 08:23:09 +0100, Ahmad Fatoum wrote:
> fit_digest will hash the list of images in the configuration, so
> fit_check_signature() can compare it against the signed hash.
>
> So far, parse errors while computing the hash were ignored. This is not
> directly exploitable as the hash would be incomplete and fail the
> signature verification, but it makes the code more difficult to reason
> about.
>
> [...]
Applied, thanks!
[1/1] FIT: early exit if digest fails
https://git.pengutronix.de/cgit/barebox/commit/?id=a676705feac6 (link may not be stable)
Best regards,
--
Sascha Hauer <s.hauer@xxxxxxxxxxxxxx>
