From: AKASHI Takahiro <takahiro.akashi@linaro.org>
Date: Tue, 21 Apr 2020 00:38:57 +0000 (+0900)
Subject: efi_loader: fix unreachable statement in efi_sigstore_parse_siglist
X-Git-Tag: v2020.07-rc2~11^2~8
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=964d5326c91ab1fd891a26cbd7a1c98b7fc42014;p=oweals%2Fu-boot.git

efi_loader: fix unreachable statement in efi_sigstore_parse_siglist

"if (left < esl->signature_size)" is not reachable in a while loop.
But it is still valuable in case that a given signature database is
somehow corrupted. So fix the while loop condition.

Reported-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
Signed-off-by: AKASHI Takahiro <takahiro.akashi@linaro.org>
Reviewed-by: Heinrich Schuchardt <xypron.glpk@gmx.de>
---

diff --git a/lib/efi_loader/efi_signature.c b/lib/efi_loader/efi_signature.c
index 150ce41f36..4ad818d5ee 100644
--- a/lib/efi_loader/efi_signature.c
+++ b/lib/efi_loader/efi_signature.c
@@ -667,7 +667,7 @@ efi_sigstore_parse_siglist(struct efi_signature_list *esl)
 	esd = (struct efi_signature_data *)
 			((u8 *)esl + sizeof(*esl) + esl->signature_header_size);
 
-	while ((left > 0) && left >= esl->signature_size) {
+	while (left > 0) {
 		/* Signature must exist if there is remaining data. */
 		if (left < esl->signature_size) {
 			debug("Certificate is too small\n");