[PATCH u-boot-mvebu v2 27/41] tools: kwboot: Check for v1 header size

Marek Behún Mon, 19 Jul 2021 05:26:34 -0700

From: Pali Rohár <[email protected]>

Too small invalid headers may cause kwboot to crash.
Check for header size of v1 images.


Signed-off-by: Pali Rohár <[email protected]>
Reviewed-by: Marek Behún <[email protected]>
Reviewed-by: Stefan Roese <[email protected]>
Reviewed-by: Chris Packham <[email protected]>
Tested-by: Chris Packham <[email protected]>
---
 tools/kwboot.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/tools/kwboot.c b/tools/kwboot.c
index c0ac4ce19e..1d32c1b7ad 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -645,6 +645,11 @@ kwboot_img_patch_hdr(void *img, size_t size)
        else
                hdrsz = KWBHEADER_V1_SIZE(hdr);
 
+       if (size < hdrsz) {
+               errno = EINVAL;
+               goto out;
+       }
+
        csum = kwboot_img_csum8(hdr, hdrsz) - hdr->checksum;
        if (csum != hdr->checksum) {
                errno = EINVAL;
-- 
2.31.1

[PATCH u-boot-mvebu v2 27/41] tools: kwboot: Check for v1 header size

Reply via email to