[PATCH 09/15] common: tlv: Add TLV-Signature support
Jonas Rebmann
jre at pengutronix.de
Wed Oct 22 03:43:46 PDT 2025
Hi Ahmad,
Just answering to what I don't immediately apply for v2:
On 2025-10-22 12:00, Ahmad Fatoum wrote:
>> +/*
>> + * Retrieve length of header+TLVs (offset of spki hash part of signature if available)
>> + */
>> +
>> +static inline size_t tlv_spki_hash_offset(const struct tlv_header *header)
>> +{
>> + size_t ret = size_add(sizeof(struct tlv_header), get_unaligned_be32(&header->length_tlv));
>>
>> return ret; /* SIZE_MAX on overflow */
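Review bot: the doc comment above tlv_spki_hash_offset() does not state the overflow contract that the `/* SIZE_MAX on overflow */` remark on the return line implies. A caller reading only the header comment cannot tell whether it must test the result against SIZE_MAX or whether the header has to be length-checked before this helper is called. Suggest spelling out that precondition in the doc comment, since size_add() here combines sizeof(struct tlv_header) with a 32-bit length read straight from the header. Minor style points: drop the empty `+` line between the comment and the function, and return the size_add() result directly instead of going through `ret`.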
>
> Shouldn't you then check for SIZE_MAX at callsites?
I chose not to implement this check in all places using those
size/offset helpers.
In "[PATCH 01/15] common: clean up TLV code", I check early in the TLV
handling that tlv_total_len() doesn't overflow. Later on, it is
guaranteed that calls to tlv_total_len(), tlv_spki_hash_offset() and the
like cannot overflow.
If I were to check at callsites of tlv_spki_hash_offset() I'd need to
check at all callsites of all TLV size/offset helpers, which seemed
unnecessary.
What do you think?
Regards,
Jonas
--
Pengutronix e.K. | Jonas Rebmann |
Steuerwalder Str. 21 | http://www.pengutronix.de/ |
31137 Hildesheim, Germany | Phone: +49-5121-206917-0 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-9 |