Skip to content
Snippets Groups Projects
Commit 6cd5678c authored by Alexander Graf's avatar Alexander Graf Committed by Stefan Roese
Browse files

kwbimage: Fix out of bounds access 


The kwbimage format is reading beyond its header structure if it
misdetects a Xilinx Zynq image and tries to read it. Fix it by
sanity checking that the header we want to read fits inside our
file size.

Signed-off-by: default avatarAlexander Graf <agraf@suse.de>
Tested-by: default avatarMichal Simek <michal.simek@xilinx.com>
Reviewed-by: default avatarStefan Roese <sr@denx.de>
Signed-off-by: default avatarStefan Roese <sr@denx.de>
parent bc8cb152
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
Showing
with 4 additions and 0 deletions
tools/kwbimage.c
+ 4
0
View file @ 6cd5678c
...@@ -1616,6 +1616,10 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size, ...@@ -1616,6 +1616,10 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size,
struct image_tool_params *params) struct image_tool_params *params)
{ {
uint8_t checksum; uint8_t checksum;
size_t header_size = kwbimage_header_size(ptr);
if (header_size > image_size)
return -FDT_ERR_BADSTRUCTURE;
if (!main_hdr_checksum_ok(ptr)) if (!main_hdr_checksum_ok(ptr))
return -FDT_ERR_BADSTRUCTURE; return -FDT_ERR_BADSTRUCTURE;
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment