[U-Boot] [PATCH v6 6/9] fs: prevent overwriting reserved memory
Simon Glass
sjg at chromium.org
Sat Jan 5 01:56:31 UTC 2019
Hi Simon,
On Fri, 14 Dec 2018 at 13:14, Simon Goldschmidt
<simon.k.r.goldschmidt at gmail.com> wrote:
>
> This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
> image load") by using lmb to check the load size of a file against
> reserved memory addresses.
>
> Signed-off-by: Simon Goldschmidt <simon.k.r.goldschmidt at gmail.com>
> ---
>
> Changes in v6:
> - fixed NULL pointer access in 'fdt_blob' passed to
> 'boot_fdt_add_mem_rsv_regions'
>
> Changes in v5: None
> Changes in v4: None
> Changes in v2: None
>
> fs/fs.c | 56 ++++++++++++++++++++++++++++++++++++++++++++++++---
> include/lmb.h | 2 ++
> lib/lmb.c | 13 ++++++++++++
> 3 files changed, 68 insertions(+), 3 deletions(-)
Reviewed-by: Simon Glass <sjg at chromium.org>
How about -ENOSPC instead of -1?
Regards,
Simon
More information about the U-Boot
mailing list