sbsign failure in the presence of zero sized sections

Bug #1252288 reported by Ard Biesheuvel
This bug affects 1 person
Affects: sbsigntool (Ubuntu)
Status: Fix Released
Importance: Undecided
Assigned to: Unassigned
Milestone: (none)

Bug Description

EFISTUB zImages for ARM64 contain two sections, a dummy .reloc section and a .text section covering the entire payload.

When attempting to sign such a zImage, sbsign fails in image_find_regions() like so:

Starting program: /home/ard/build/sbsigntool-0.6/src/sbsign --key server.key --cert server.crt ~/linux-arm/arch/arm64/boot/Image
warning: gap in section table:
    (null) : 0xffff8000093bfd01 - 0xffff8000093bfd01,
    .text : 0x000001a0 - 0x00000201,

This is caused by the loop in this function, which skips NULL sections but still increments 'i', causing the contiguity check to become invalid.

The following patch solves the issue for me.

--- image.c.orig 2013-11-18 15:34:13.451962351 +0100
+++ image.c 2013-11-18 15:34:15.415962345 +0100
@@ -379,34 +379,34 @@
     image->checksum_regions,
     struct region,
     image->n_checksum_regions);
- regions = image->checksum_regions;
+ regions = &image->checksum_regions[image->n_checksum_regions-1];

- regions[i + 3].data = buf + file_offset;
- regions[i + 3].size = align_up(file_size,
+ regions->data = buf + file_offset;
+ regions->size = align_up(file_size,
      image->file_alignment);
- regions[i + 3].name = talloc_strndup(image->checksum_regions,
+ regions->name = talloc_strndup(image->checksum_regions,
      image->scnhdr[i].s_name, 8);
- bytes += regions[i + 3].size;
+ bytes += regions->size;

- if (file_offset + regions[i+3].size > image->size) {
+ if (file_offset + regions->size > image->size) {
    fprintf(stderr, "warning: file-aligned section %s "
      "extends beyond end of file\n",
- regions[i+3].name);
+ regions->name);
   }

- if (regions[i+2].data + regions[i+2].size
- != regions[i+3].data) {
+ if (regions[-1].data + regions[-1].size
+ != regions->data) {
    fprintf(stderr, "warning: gap in section table:\n");
    fprintf(stderr, " %-8s: 0x%08tx - 0x%08tx,\n",
- regions[i+2].name,
- regions[i+2].data - buf,
- regions[i+2].data +
- regions[i+2].size - buf);
+ regions[-1].name,
+ regions[-1].data - buf,
+ regions[-1].data +
+ regions[-1].size - buf);
    fprintf(stderr, " %-8s: 0x%08tx - 0x%08tx,\n",
- regions[i+3].name,
- regions[i+3].data - buf,
- regions[i+3].data +
- regions[i+3].size - buf);
+ regions->name,
+ regions->data - buf,
+ regions->data +
+ regions->size - buf);
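
Review bot: The `regions[-1]` accesses in the contiguity check assume that at least one region already precedes the newly appended entry, so `image->n_checksum_regions` must be 2 or more when this code runs. The removed lines indexed `regions[i + 2]` and `regions[i + 3]`, which suggests three fixed regions are set up before the section loop, but nothing in this hunk states or checks that. Consider naming the previous entry explicitly (for example a `prev` pointer set to `regions - 1`) with a short comment on the invariant, or skipping the comparison when `n_checksum_regions < 2`. Since `regions` now means the last element rather than the array base, a name such as `cur` would also make the new meaning clearer to later readers.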

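The index drift described in the report, as an added example that is not part of the original report or of sbsigntool's code: a simplified C model that compares choosing the region slot by loop index against choosing it by region count, for the empty .reloc plus .text layout. The names `walk`, `struct region`, `HDR` and `MAXR` are hypothetical, and the header region offsets are constructed so that the headers end at 0x1a0.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed model of the bookkeeping; all names here are hypothetical. */
struct sec    { uint32_t off, size; };   /* section file offset / raw size */
struct region { uint32_t off, size; };   /* one hashed region of the file  */
struct result { int gaps, oob; };        /* warnings / out-of-range slots  */

#define HDR  3       /* assumption: three header regions precede sections */
#define MAXR 16

static struct result walk(const struct sec *s, int nsec, int by_index)
{
    /* Zeroed backing store stands in for the heap so that the by-index
     * variant can be observed without real undefined behaviour. */
    struct region r[MAXR] = { {0x00, 0x98}, {0x9c, 0x54}, {0xf8, 0xa8} };
    struct result res = {0, 0};
    int n = HDR;                          /* valid entries: r[0..n-1] */

    for (int i = 0; i < nsec && HDR + i < MAXR; i++) {
        if (s[i].size == 0)
            continue;                     /* skipped, but i still advances */
        n++;                              /* array grown by one entry */
        int cur = by_index ? i + HDR : n - 1;
        if (cur >= n)
            res.oob++;                    /* slot lies past the grown array */
        r[cur].off = s[i].off;
        r[cur].size = s[i].size;
        if (r[cur - 1].off + r[cur - 1].size != r[cur].off)
            res.gaps++;                   /* "gap in section table" */
    }
    return res;
}

/* Constructed layout from the report: empty .reloc, then .text at 0x1a0. */
static const struct sec arm64_stub[] = { {0, 0}, {0x1a0, 0x61} };

int main(void)
{
    struct result a = walk(arm64_stub, 2, 1), b = walk(arm64_stub, 2, 0);
    printf("by index: gaps=%d oob=%d\n", a.gaps, a.oob);
    printf("by count: gaps=%d oob=%d\n", b.gaps, b.oob);
    return 0;
}
```

In this model the by-index variant both compares against a slot that was never filled and writes one entry past the grown array, while the by-count variant sees the .text region as contiguous with the headers.
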
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sbsigntool - 0.6-0ubuntu7

---------------
sbsigntool (0.6-0ubuntu7) trusty; urgency=medium

  * debian/patches/del-duplicate-define.patch: Remove duplicate define.
  * debian/patches/zero-sized-sections.patch: Fix failure in sbsigntool
    when it encounters zero-sized PE/COFF image sections (LP: #1252288).
  * debian/patches/arm-arm64-support.patch: Support signing ARM images.
 -- Adam Conrad <email address hidden> Tue, 15 Apr 2014 14:54:42 +0100

Changed in sbsigntool (Ubuntu):
status: New → Fix Released