[PATCH v5] image-fit: Validate external data offset and size
Tom Rini
trini at konsulko.com
Sat Jun 13 20:04:01 CEST 2026
On Thu, Jun 04, 2026 at 11:39:50AM +0100, Anton Ivanov wrote:
> fit_image_get_data() uses the data-position, data-offset, and
> data-size FIT properties without bounds checking. A crafted FIT
> image can specify values that cause out-of-bounds read during
> signature verification of an untrusted FIT.
>
> Validate that the external data offset and size are non-negative,
> and that the data region fits within the FIT image bounds.
>
> Signed-off-by: Anton Ivanov <anton at binarly.io>
> Reviewed-by: Simon Glass <sjg at chromium.org>
Applied to u-boot/next, thanks!
--
Tom
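The check described in the commit message, as an added example that is not U-Boot's code: external FIT data is located either by an absolute "data-position" or by a "data-offset" taken from the end of the FDT structure, and both that start and the "data-size" have to be rejected when negative or when the resulting region leaves the image buffer. The layout details here (4-byte alignment of the external data area, properties arriving as signed 32-bit ints, the names fit_ext_data_bounds and check_ext_data, and the sample values) are assumptions made for the illustration, not taken from the page.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* External-data placement as read from an image node (constructed). */
struct ext_data_props {
    bool has_position;  /* "data-position" present */
    int32_t position;   /* absolute offset from the start of the FIT */
    bool has_offset;    /* "data-offset" present */
    int32_t offset;     /* offset from the end of the (aligned) FDT */
    int32_t size;       /* "data-size" */
};

/*
 * Resolve and validate the external data region.
 * fdt_len: size of the FDT structure at the head of the image (assumed
 *          to come from the FDT header, e.g. fdt_totalsize()).
 * fit_len: size of the whole buffer holding the untrusted FIT.
 * Returns 0 and sets *start/*len when the region lies entirely inside
 * [0, fit_len]; returns -1 otherwise, before any data is touched.
 */
int fit_ext_data_bounds(const struct ext_data_props *p,
                        size_t fdt_len, size_t fit_len,
                        size_t *start, size_t *len)
{
    uint64_t begin, end;

    if (p->size < 0)
        return -1;                 /* negative size */
    if (fdt_len > fit_len)
        return -1;                 /* FDT claims more than the buffer */

    if (p->has_position) {
        if (p->position < 0)
            return -1;             /* negative position */
        begin = (uint64_t)p->position;
    } else if (p->has_offset) {
        if (p->offset < 0)
            return -1;             /* negative offset */
        /* external data follows the FDT, rounded up to 4 bytes
         * (assumed alignment for this example) */
        begin = (((uint64_t)fdt_len + 3) & ~(uint64_t)3)
                + (uint64_t)p->offset;
    } else {
        return -1;                 /* not external data */
    }

    /* 64-bit arithmetic cannot wrap for 32-bit extremes */
    end = begin + (uint64_t)p->size;
    if (end > (uint64_t)fit_len)
        return -1;                 /* region leaves the image */

    *start = (size_t)begin;
    *len = (size_t)p->size;
    return 0;
}

/* Convenience wrapper: 0 if the region is in bounds, -1 if rejected. */
int check_ext_data(bool has_pos, int32_t pos, bool has_off, int32_t off,
                   int32_t size, size_t fdt_len, size_t fit_len)
{
    struct ext_data_props p = {
        .has_position = has_pos, .position = pos,
        .has_offset = has_off, .offset = off, .size = size,
    };
    size_t start, len;

    return fit_ext_data_bounds(&p, fdt_len, fit_len, &start, &len);
}

int main(void)
{
    /* constructed image: 101-byte FDT inside a 1000-byte buffer */
    size_t fdt_len = 101, fit_len = 1000;

    printf("offset 0, size 200:            %d\n",
           check_ext_data(false, 0, true, 0, 200, fdt_len, fit_len));
    printf("position 900, size 200:        %d\n",
           check_ext_data(true, 900, false, 0, 200, fdt_len, fit_len));
    printf("negative offset:               %d\n",
           check_ext_data(false, 0, true, -4, 16, fdt_len, fit_len));
    printf("position INT32_MAX, size 1:    %d\n",
           check_ext_data(true, INT32_MAX, false, 0, 1, fdt_len, fit_len));
    return 0;
}
```

The crafted cases in main are the ones the commit message warns about: a region that starts inside the image but runs past its end, a negative offset that would move the start before the FDT, and a 32-bit extreme that would wrap if the sum were computed in 32 bits.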