Re: [U-Boot] [PATCH v6 6/9] fs: prevent overwriting reserved memory

Simon Glass Fri, 04 Jan 2019 18:01:11 -0800

Hi Simon,

On Fri, 14 Dec 2018 at 13:14, Simon Goldschmidt
<simon.k.r.goldschm...@gmail.com> wrote:
>
> This fixes CVE-2018-18440 ("insufficient boundary checks in filesystem
> image load") by using lmb to check the load size of a file against
> reserved memory addresses.
>
> Signed-off-by: Simon Goldschmidt <simon.k.r.goldschm...@gmail.com>
> ---
>
> Changes in v6:
> - fixed NULL pointer access in 'fdt_blob' passed to
>   'boot_fdt_add_mem_rsv_regions'
>
> Changes in v5: None
> Changes in v4: None
> Changes in v2: None
>
>  fs/fs.c       | 56 ++++++++++++++++++++++++++++++++++++++++++++++++---
>  include/lmb.h |  2 ++
>  lib/lmb.c     | 13 ++++++++++++
>  3 files changed, 68 insertions(+), 3 deletions(-)


Reviewed-by: Simon Glass <s...@chromium.org>

How about -ENOSPC instead of -1?

Regards,
Simon
_______________________________________________
U-Boot mailing list
U-Boot@lists.denx.de
https://lists.denx.de/listinfo/u-boot

Re: [U-Boot] [PATCH v6 6/9] fs: prevent overwriting reserved memory

Reply via email to