xnu-3248.20.55.tar.gz

[apple/xnu.git] / bsd / kern / ubc_subr.c

diff --git a/bsd/kern/ubc_subr.c b/bsd/kern/ubc_subr.c
index 0222981a2f31a9fad3e56316c9544ad37c89f614..7d7fbe7c61102632a26689f3be6856eba0c0cedf 100644 (file)
--- a/bsd/kern/ubc_subr.c
+++ b/bsd/kern/ubc_subr.c
@@ -2847,13 +2847,12 @@ ubc_cs_blob_add(
 
        error = cs_validate_csblob((const uint8_t *)addr, size, &cd);
        if (error) {
-               if (cs_debug)
+
+        if (cs_debug)
                        printf("CODESIGNING: csblob invalid: %d\n", error);
-               blob->csb_flags = 0;
-               blob->csb_start_offset = 0;
-               blob->csb_end_offset = 0;
-               memset(blob->csb_cdhash, 0, sizeof(blob->csb_cdhash));
-               /* let the vnode checker determine if the signature is valid or not */
+        /* The vnode checker can't make the rest of this function succeed if csblob validation failed, so bail */
+        goto out;
+
        } else {
                const unsigned char *md_base;
                uint8_t hash[CS_HASH_MAX_SIZE];