Return error from boot_find_key instead of asserting
When the hash key length parameter is invalid (bigger than allowed), just
return an error to the caller routines; this behaves like a key that was not
found and allows the assert() code in this module to be removed.
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/boot/bootutil/src/image_validate.c b/boot/bootutil/src/image_validate.c
index a496bc4..b883e44 100644
--- a/boot/bootutil/src/image_validate.c
+++ b/boot/bootutil/src/image_validate.c
@@ -21,7 +21,6 @@
* Modifications are Copyright (c) 2019 Arm Limited.
*/
-#include <assert.h>
#include <stddef.h>
#include <inttypes.h>
#include <string.h>
@@ -183,7 +182,9 @@
const struct bootutil_key *key;
uint8_t hash[32];
- assert(keyhash_len <= 32);
+ if (keyhash_len > 32) {
+ return -1;
+ }
for (i = 0; i < bootutil_key_cnt; i++) {
key = &bootutil_keys[i];