tools: kwbimage: Verify size of v0 image header

Check that extended image header size is not larger than file size. Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Stefan Roese <sr@denx.de>
author: Pali Rohár <pali@kernel.org> 2021-08-11 10:14:15 +0200
committer: Stefan Roese <sr@denx.de> 2021-09-01 08:07:04 +0200
commit: 33a0af2d8041b027cfbf6ab23c93026339aff142 (patch)
tree: 5761ca833bd6a59eb530a70c17ce3c5b6e813989 /tools/kwbimage.c
parent: b984056fa696e795625a2f5292859b73176f7713 (diff)
download: u-boot-33a0af2d8041b027cfbf6ab23c93026339aff142.zip
u-boot-33a0af2d8041b027cfbf6ab23c93026339aff142.tar.gz
u-boot-33a0af2d8041b027cfbf6ab23c93026339aff142.tar.bz2
1 files changed, 3 insertions, 0 deletions
diff --git a/tools/kwbimage.c b/tools/kwbimage.c
index 542779e..4709c6d 100644
--- a/tools/kwbimage.c
+++ b/tools/kwbimage.c
@@ -1670,6 +1670,9 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size,
 		if (mhdr->ext & 0x1) {
 			struct ext_hdr_v0 *ext_hdr;
 
+			if (header_size + sizeof(*ext_hdr) > image_size)
+				return -FDT_ERR_BADSTRUCTURE;
+
 			ext_hdr = (struct ext_hdr_v0 *)
 				(ptr + sizeof(struct main_hdr_v0));
 			checksum = image_checksum8(ext_hdr,
author	Pali Rohár <pali@kernel.org>	2021-08-11 10:14:15 +0200
committer	Stefan Roese <sr@denx.de>	2021-09-01 08:07:04 +0200
commit	33a0af2d8041b027cfbf6ab23c93026339aff142 (patch)
tree	5761ca833bd6a59eb530a70c17ce3c5b6e813989 /tools/kwbimage.c
parent	b984056fa696e795625a2f5292859b73176f7713 (diff)
download	u-boot-33a0af2d8041b027cfbf6ab23c93026339aff142.zip u-boot-33a0af2d8041b027cfbf6ab23c93026339aff142.tar.gz u-boot-33a0af2d8041b027cfbf6ab23c93026339aff142.tar.bz2