On Thu, Jan 14, 2021 at 04:19:05PM +0100, Mickaël Salaün wrote: > From: Mickaël Salaün <[email protected]> > > Before exposing this new key type to user space, make sure that only > meaningful blacklisted hashes are accepted. This is also checked for > builtin blacklisted hashes, but a following commit make sure that the > user will notice (at built time) and will fix the configuration if it > already included errors. > > Check that a blacklist key description starts with a valid prefix and > then a valid hexadecimal string. > > Cc: David Howells <[email protected]> > Cc: David Woodhouse <[email protected]> > Signed-off-by: Mickaël Salaün <[email protected]> > Acked-by: Jarkko Sakkinen <[email protected]>
In this I'm not as worried about ABI, i.e. you don't have any reason supply any other data, which doesn't follow these ruels, whereas there could very well be a script that does format hex "incorrectly". /Jarkko
