[PATCH u-boot-mvebu 15/31] tools: kwboot: Check for v1 header size
Marek Behún
marek.behun at nic.cz
Thu Jul 8 19:30:16 CEST 2021
From: Pali Rohár <pali at kernel.org>
Too small invalid headers may cause kwboot to crash.
Check for header size of v1 images.
Signed-off-by: Pali Rohár <pali at kernel.org>
Reviewed-by: Marek Behún <marek.behun at nic.cz>
---
tools/kwboot.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tools/kwboot.c b/tools/kwboot.c
index e4d4267e47..7f3489c55c 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -651,6 +651,11 @@ kwboot_img_patch_hdr(void *img, size_t size)
else
hdrsz = KWBHEADER_V1_SIZE(hdr);
+ if (size < hdrsz) {
+ errno = EINVAL;
+ goto out;
+ }
+
csum = kwboot_img_csum8(hdr, hdrsz) - hdr->checksum;
if (csum != hdr->checksum) {
errno = EINVAL;
--
2.31.1
More information about the U-Boot
mailing list