mirror of
https://github.com/ARM-software/arm-trusted-firmware.git
synced 2025-08-22 06:51:10 +02:00
a987b89dab
Previously, extensions were parsed twice: once with error checking for validation, and a second time without error checking to extract the extension data. This is error prone and caused TFV-10 (CVE-2022-47630). A simpler approach is to have get_ext() be responsible for all extension parsing, and to treat a NULL OID as an indicator that get_ext() is only being called for validation. cert_parse() checks that get_ext() returns IMG_PARSER_OK and fails otherwise. Change-Id: I65a2ff053a188351ba54799827a2b7bd833bb037 Signed-off-by: Demi Marie Obenour <demiobenour@gmail.com>