diff options
author | Randall Spangler <rspangler@chromium.org> | 2011-03-25 15:49:10 -0700 |
---|---|---|
committer | Randall Spangler <rspangler@chromium.org> | 2011-03-25 15:49:10 -0700 |
commit | cecdcbfe5d3832b4d639845d1fe297187236920c (patch) | |
tree | 5e3dd8ad4f1aa4d56a6a2b616ce6fb2ca2e698a2 | |
parent | ac7c2d9e303aec95ab80fba6d70790ca1c7b0e85 (diff) | |
download | vboot-cecdcbfe5d3832b4d639845d1fe297187236920c.tar.gz |
Add additional checks for size greater than header size.
Change-Id: Iea64e3df795d1f9299117cbd161b203295211629
R=wfrichar@chromium.org,gauravsh@chromium.org
BUG=chrome-os-partner:2908
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6745027
-rw-r--r-- | firmware/lib/vboot_common.c | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index ce01e961..d9838c41 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -178,6 +178,10 @@ int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, const VbSignature* sig; /* Sanity checks before attempting signature of data */ + if(size < sizeof(VbKeyBlockHeader)) { + VBDEBUG(("Not enough space for key block header.\n")); + return VBOOT_KEY_BLOCK_INVALID; + } if (SafeMemcmp(block->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE)) { VBDEBUG(("Not a valid verified boot key block.\n")); return VBOOT_KEY_BLOCK_INVALID; @@ -292,6 +296,10 @@ int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble, const VbSignature* sig = &preamble->preamble_signature; /* Sanity checks before attempting signature of data */ + if(size < sizeof(VbFirmwarePreambleHeader)) { + VBDEBUG(("Not enough data for preamble header.\n")); + return VBOOT_PREAMBLE_INVALID; + } if (preamble->header_version_major != FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) { VBDEBUG(("Incompatible firmware preamble header version.\n")); @@ -350,6 +358,10 @@ int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble, const VbSignature* sig = &preamble->preamble_signature; /* Sanity checks before attempting signature of data */ + if(size < sizeof(VbKernelPreambleHeader)) { + VBDEBUG(("Not enough data for preamble header.\n")); + return VBOOT_PREAMBLE_INVALID; + } if (preamble->header_version_major != KERNEL_PREAMBLE_HEADER_VERSION_MAJOR) { VBDEBUG(("Incompatible kernel preamble header version.\n")); return VBOOT_PREAMBLE_INVALID; |