Re: [PATCH 1/2] scripts: kwboot: fix image check for padded images

Sascha Hauer <s.hauer@xxxxxxxxxxxxxx> · Tue, 14 Feb 2017 08:47:49 +0100



On Sat, Feb 11, 2017 at 08:57:51PM +0100, Uwe Kleine-König wrote:
> When there is some padding between header and payload the claim
> 
> 	header_size + image_size == file_size
> 
> fails. Relax the check accordingly to:
> 
> 	header_size <= image_offset &&
> 	image_offset + image_size == file_size
> 
> Signed-off-by: Uwe Kleine-König <u.kleine-koenig@xxxxxxxxxxxxxx>
> ---
>  scripts/kwboot.c | 16 ++++++++++++----
>  1 file changed, 12 insertions(+), 4 deletions(-)

Applied, thanks

Sascha

> 
> diff --git a/scripts/kwboot.c b/scripts/kwboot.c
> index 9e4181e539ac..3ab26cd936c5 100644
> --- a/scripts/kwboot.c
> +++ b/scripts/kwboot.c
> @@ -603,7 +603,7 @@ static int
>  kwboot_check_image(unsigned char *img, size_t size)
>  {
>  	size_t i;
> -	size_t header_size, image_size;
> +	size_t header_size, image_size, image_offset;
>  	unsigned char csum = 0;
>  
>  	if (size < 0x20) {
> @@ -640,12 +640,20 @@ kwboot_check_image(unsigned char *img, size_t size)
>  
>  	image_size = img[0x4] | (img[0x5] << 8) |
>  		(img[0x6] << 16) | (img[0x7] << 24);
> +	image_offset = img[0xc] | (img[0xd] << 8) |
> +		(img[0xe] << 16) | (img[0xf] << 24);
>  
>  	header_size = (img[0x9] << 16) | img[0xa] | (img[0xb] << 8);
>  
> -	if (header_size + image_size != size) {
> -		fprintf(stderr, "Size mismatch (%zu + %zu != %zu)\n",
> -			header_size, image_size, size);
> +	if (header_size > image_offset) {
> +		fprintf(stderr, "Header (%zu) expands over image start (%zu)\n",
> +			header_size, image_offset);
> +		return 1;
> +	}
> +
> +	if (image_offset + image_size != size) {
> +		fprintf(stderr, "Image doesn't end at file end (%zu + %zu != %zu)\n",
> +			image_offset, image_size, size);
>  		return 1;
>  	}
>  
> -- 
> 2.11.0
> 
> 
> _______________________________________________
> barebox mailing list
> barebox@xxxxxxxxxxxxxxxxxxx
> http://lists.infradead.org/mailman/listinfo/barebox

-- 
Pengutronix e.K.                           |                             |
Industrial Linux Solutions                 | http://www.pengutronix.de/  |
Peiner Str. 6-8, 31137 Hildesheim, Germany | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@xxxxxxxxxxxxxxxxxxx
http://lists.infradead.org/mailman/listinfo/barebox