[PATCH u-boot-mvebu 15/31] tools: kwboot: Check for v1 header size

Marek Behún marek.behun at nic.cz
Thu Jul 8 19:30:16 CEST 2021


From: Pali Rohár <pali at kernel.org>

Too small invalid headers may cause kwboot to crash.
Check for header size of v1 images.

Signed-off-by: Pali Rohár <pali at kernel.org>
Reviewed-by: Marek Behún <marek.behun at nic.cz>
---
 tools/kwboot.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/kwboot.c b/tools/kwboot.c
index e4d4267e47..7f3489c55c 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -651,6 +651,11 @@ kwboot_img_patch_hdr(void *img, size_t size)
 	else
 		hdrsz = KWBHEADER_V1_SIZE(hdr);
 
+	if (size < hdrsz) {
+		errno = EINVAL;
+		goto out;
+	}
+
 	csum = kwboot_img_csum8(hdr, hdrsz) - hdr->checksum;
 	if (csum != hdr->checksum) {
 		errno = EINVAL;
-- 
2.31.1



More information about the U-Boot mailing list