On 08.07.21 19:30, Marek Behún wrote:
From: Pali Rohár <p...@kernel.org>
Too small invalid headers may cause kwboot to crash.
Check for header size of v1 images.
Signed-off-by: Pali Rohár <p...@kernel.org>
Reviewed-by: Marek Behún <marek.be...@nic.cz>
Reviewed-by: Stefan Roese <s...@denx.de>
Thanks,
Stefan
---
tools/kwboot.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/tools/kwboot.c b/tools/kwboot.c
index e4d4267e47..7f3489c55c 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -651,6 +651,11 @@ kwboot_img_patch_hdr(void *img, size_t size)
else
hdrsz = KWBHEADER_V1_SIZE(hdr);
+ if (size < hdrsz) {
+ errno = EINVAL;
+ goto out;
+ }
+
csum = kwboot_img_csum8(hdr, hdrsz) - hdr->checksum;
if (csum != hdr->checksum) {
errno = EINVAL;
Viele Grüße,
Stefan
--
DENX Software Engineering GmbH, Managing Director: Wolfgang Denk
HRB 165235 Munich, Office: Kirchenstr.5, D-82194 Groebenzell, Germany
Phone: (+49)-8142-66989-51 Fax: (+49)-8142-66989-80 Email: s...@denx.de