Fix preamble range checks0.12.362.B

Change-Id: I0571f4524703566b8840e2b264d868c404f87c80

R=gauravsh@chromium.org,wfrichar@chromium.org
BUG=chrome-os-partner:2910
TEST=make && make runtests

Review URL: http://codereview.chromium.org/6759075

1 files changed, 6 insertions, 6 deletions

diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c
index d9838c41..a20e16fb 100644
--- a/firmware/lib/vboot_common.c
+++ b/firmware/lib/vboot_common.c
@@ -333,15 +333,15 @@ int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble,
     return VBOOT_PREAMBLE_INVALID;
   }
 
-  /* Verify body signature is inside the block */
-  if (VerifySignatureInside(preamble, preamble->preamble_size,
+  /* Verify body signature is inside the signed data */
+  if (VerifySignatureInside(preamble, sig->data_size,
                             &preamble->body_signature)) {
     VBDEBUG(("Firmware body signature off end of preamble\n"));
     return VBOOT_PREAMBLE_INVALID;
   }
 
-  /* Verify kernel subkey is inside the block */
-  if (VerifyPublicKeyInside(preamble, preamble->preamble_size,
+  /* Verify kernel subkey is inside the signed data */
+  if (VerifyPublicKeyInside(preamble, sig->data_size,
                             &preamble->kernel_subkey)) {
     VBDEBUG(("Kernel subkey off end of preamble\n"));
     return VBOOT_PREAMBLE_INVALID;
@@ -387,8 +387,8 @@ int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble,
     return VBOOT_PREAMBLE_INVALID;
   }
 
-  /* Verify body signature is inside the block */
-  if (VerifySignatureInside(preamble, preamble->preamble_size,
+  /* Verify body signature is inside the signed data */
+  if (VerifySignatureInside(preamble, sig->data_size,
                             &preamble->body_signature)) {
     VBDEBUG(("Kernel body signature off end of preamble\n"));
     return VBOOT_PREAMBLE_INVALID;