On 2026-06-04T10:39:50, Anton Ivanov <[email protected]> wrote:
> image-fit: Validate external data offset and size
>
> fit_image_get_data() uses the data-position, data-offset, and
> data-size FIT properties without bounds checking. A crafted FIT
> image can specify values that cause an out-of-bounds read during
> signature verification of an untrusted FIT.
>
> Validate that the external data offset and size are non-negative,
> and that the data region fits within the FIT image bounds.
>
> Signed-off-by: Anton Ivanov <[email protected]>
>
>  boot/image-fit.c            |  53 +++++++++++++-
>  test/py/tests/test_vboot.py | 165 ++++++++++++++++++++++++++++++++++++++++++++
>  2 files changed, 216 insertions(+), 2 deletions(-)
Reviewed-by: Simon Glass <[email protected]>
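The kind of bounds check the commit message describes, written here as an added example in C; it is not U-Boot's own code from the patch. It assumes the FIT property values arrive as 32-bit signed ints (as FDT cells do), that the caller supplies the base address that data-offset is relative to, and uses hypothetical function names.

```c
#include <stddef.h>
#include <stdint.h>

/* Outcome of validating an external-data region against the image size. */
enum fit_ext_check {
	FIT_EXT_OK = 0,
	FIT_EXT_NEGATIVE,      /* offset/position or size is negative */
	FIT_EXT_OVERFLOW,      /* base + offset or start + size wraps */
	FIT_EXT_OUT_OF_BOUNDS, /* region ends past the end of the image */
};

/* Region [start, start + size) must lie inside [0, fit_size]. */
static enum fit_ext_check check_region(size_t fit_size, uint64_t start,
				       uint64_t size)
{
	if (start > UINT64_MAX - size)
		return FIT_EXT_OVERFLOW;
	if (start + size > fit_size)
		return FIT_EXT_OUT_OF_BOUNDS;
	return FIT_EXT_OK;
}

/* data-position: absolute offset of the data from the start of the FIT.
 * Hypothetical helper, not a U-Boot API. */
enum fit_ext_check fit_check_data_position(size_t fit_size, int position,
					   int size)
{
	if (position < 0 || size < 0)
		return FIT_EXT_NEGATIVE;
	return check_region(fit_size, (uint64_t)position, (uint64_t)size);
}

/* data-offset: offset relative to the end of the FIT's own FDT structure.
 * The caller passes that base (assumed <= fit_size). Hypothetical helper. */
enum fit_ext_check fit_check_data_offset(size_t fit_size, size_t base,
					 int offset, int size)
{
	if (offset < 0 || size < 0)
		return FIT_EXT_NEGATIVE;
	if ((uint64_t)base > UINT64_MAX - (uint64_t)offset)
		return FIT_EXT_OVERFLOW;
	return check_region(fit_size, (uint64_t)base + (uint64_t)offset,
			    (uint64_t)size);
}
```

The checks reject negative cells before converting to unsigned and test the end of the region against the image size with overflow-safe arithmetic, so a crafted image cannot steer the later read outside the buffer.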

