[U-Boot] [PATCH 2/4] fs: cbfs: Fix out of bound access during CBFS walking through
Bin Meng
bmeng.cn at gmail.com
Mon Dec 31 01:44:48 UTC 2018
On Sat, Dec 29, 2018 at 9:40 PM Simon Glass <sjg at chromium.org> wrote:
>
> On Sat, 22 Dec 2018 at 02:50, Bin Meng <bmeng.cn at gmail.com> wrote:
> >
> > The call to file_cbfs_fill_cache() is given with the parameter
> > 'start' pointing to the offset by the CBFS base address, but
> > with the parameter 'size' that equals to the whole CBFS size.
> > During CBFS walking through, it checks files one by one and
> > after it pass over the end of the CBFS which is 4GiB boundary
> > it tries to check files from address 0 and so on, until the
> > overall size the codes checked hits to the given 'size'.
> >
> > Fix this by passing 'start' pointing to the CBFS base address.
> >
> > Signed-off-by: Bin Meng <bmeng.cn at gmail.com>
> > ---
> >
> > fs/cbfs/cbfs.c | 4 ++--
> > 1 file changed, 2 insertions(+), 2 deletions(-)
>
> Reviewed-by: Simon Glass <sjg at chromium.org>
applied to u-boot-x86, thanks!
More information about the U-Boot
mailing list