diff options
author | Randall Spangler <rspangler@chromium.org> | 2011-04-01 13:35:46 -0700 |
---|---|---|
committer | Randall Spangler <rspangler@chromium.org> | 2011-04-01 13:35:46 -0700 |
commit | 8ae94c2d24d36d1469483c9923a4d7ecbc3910b0 (patch) | |
tree | ee7c3ad3edcd30d6e979929a1d1adf2f5b5cf4b5 | |
parent | e871ea6a822619eb301e1cc533935bf08f16a6dd (diff) | |
download | vboot-8ae94c2d24d36d1469483c9923a4d7ecbc3910b0.tar.gz |
Fix preamble range checks0.12.362.B
Change-Id: I0571f4524703566b8840e2b264d868c404f87c80
R=gauravsh@chromium.org,wfrichar@chromium.org
BUG=chrome-os-partner:2910
TEST=make && make runtests
Review URL: http://codereview.chromium.org/6759075
-rw-r--r-- | firmware/lib/vboot_common.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index d9838c41..a20e16fb 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -333,15 +333,15 @@ int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble, return VBOOT_PREAMBLE_INVALID; } - /* Verify body signature is inside the block */ - if (VerifySignatureInside(preamble, preamble->preamble_size, + /* Verify body signature is inside the signed data */ + if (VerifySignatureInside(preamble, sig->data_size, &preamble->body_signature)) { VBDEBUG(("Firmware body signature off end of preamble\n")); return VBOOT_PREAMBLE_INVALID; } - /* Verify kernel subkey is inside the block */ - if (VerifyPublicKeyInside(preamble, preamble->preamble_size, + /* Verify kernel subkey is inside the signed data */ + if (VerifyPublicKeyInside(preamble, sig->data_size, &preamble->kernel_subkey)) { VBDEBUG(("Kernel subkey off end of preamble\n")); return VBOOT_PREAMBLE_INVALID; @@ -387,8 +387,8 @@ int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble, return VBOOT_PREAMBLE_INVALID; } - /* Verify body signature is inside the block */ - if (VerifySignatureInside(preamble, preamble->preamble_size, + /* Verify body signature is inside the signed data */ + if (VerifySignatureInside(preamble, sig->data_size, &preamble->body_signature)) { VBDEBUG(("Kernel body signature off end of preamble\n")); return VBOOT_PREAMBLE_INVALID; |