On 20 of February 2009 02:46:26 David Kilroy wrote: > > +static const char *fw_err[] = { > + "image too small", > + "format not recognised", > + "bad headersize", > + "bad block offset", > + "bad PDR offset", > + "bad PRI offset", > + "bad compat offset" > +}; > + > /* Structure used to access fields in FW > * Make sure LE decoding macros are used > */ > @@ -43,6 +53,32 @@ struct orinoco_fw_header { > char signature[0]; /* FW signature length headersize-20 */ > } __attribute__ ((packed)); > > +/* Check the range of various header entries */ > +static int validate_fw(const struct orinoco_fw_header *hdr, size_t > len) +{ > + u16 hdrsize; > + > + if (len < sizeof(*hdr)) > + return 1; > + if (memcmp(hdr->hdr_vers, "HFW", 3) != 0) > + return 2; > + > + hdrsize = le16_to_cpu(hdr->headersize); > + if (hdrsize > len) > + return 3; > + if ((hdrsize + le32_to_cpu(hdr->block_offset)) > len) > + return 4; > + if ((hdrsize + le32_to_cpu(hdr->pdr_offset)) > len) > + return 5; > + if ((hdrsize + le32_to_cpu(hdr->pri_offset)) > len) > + return 6; > + if ((hdrsize + le32_to_cpu(hdr->compat_offset)) > len) > + return 7; > + > + /* TODO: consider adding a checksum or CRC to the firmware format > */ + return 0; > +} I am afraid this can easily go off sync. Any reason those messages cannot be printed inline in validate_fw()? Otherwise what about #define FW_ERR_OK 0 #define FW_ERR_TOO_SMALL 1 ... static const char *fw_err[] = { [FW_ERR_TOO_SMALL] = "image too small", ... if (len < sizeof(*hdr)) return FW_ERR_TOO_SMALL; ... return FW_ERR_OK; ?
Attachment:
signature.asc
Description: This is a digitally signed message part.