diff options
| author | Kees Cook <kees@outflux.net> | 2013-10-22 11:23:51 -0400 |
|---|---|---|
| committer | Peter Jones <pjones@redhat.com> | 2013-10-22 11:23:51 -0400 |
| commit | a0df78b73f922bde50e753d46e9276777bf883ac (patch) | |
| tree | 97744865a450c24431d7594eeb0e5c6a98d7f419 /PasswordCrypt.c | |
| parent | ee4deae045c984e265a30c42e85a267e14e84680 (diff) | |
| download | efi-boot-shim-a0df78b73f922bde50e753d46e9276777bf883ac.tar.gz efi-boot-shim-a0df78b73f922bde50e753d46e9276777bf883ac.zip | |
additional bounds-checking on section sizes
This adds additional bounds-checking on the section sizes. Also adds
-Wsign-compare to the Makefile and replaces some signed variables with
unsigned counteparts for robustness.
Signed-off-by: Kees Cook <kees@ubuntu.com>
Diffstat (limited to 'PasswordCrypt.c')
| -rw-r--r-- | PasswordCrypt.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/PasswordCrypt.c b/PasswordCrypt.c index 8d72a821..e0a82cfd 100644 --- a/PasswordCrypt.c +++ b/PasswordCrypt.c @@ -154,7 +154,7 @@ static EFI_STATUS sha256_crypt (const char *key, UINT32 key_len, CopyMem(cp, tmp_result, cnt); SHA256_Init(&alt_ctx); - for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) + for (cnt = 0; cnt < 16ul + alt_result[0]; ++cnt) SHA256_Update(&alt_ctx, salt, salt_size); SHA256_Final(tmp_result, &alt_ctx); @@ -242,7 +242,7 @@ static EFI_STATUS sha512_crypt (const char *key, UINT32 key_len, CopyMem(cp, tmp_result, cnt); SHA512_Init(&alt_ctx); - for (cnt = 0; cnt < 16 + alt_result[0]; ++cnt) + for (cnt = 0; cnt < 16ul + alt_result[0]; ++cnt) SHA512_Update(&alt_ctx, salt, salt_size); SHA512_Final(tmp_result, &alt_ctx); |