authorFurquan Shaikh <furquan@google.com>2018-09-07 00:00:10 -0700
committerchrome-bot <chrome-bot@chromium.org>2018-09-07 14:29:04 -0700
commit5ed334d26cba9be660ad46c186e46e830993aa98 (patch)
tree87ee9be40532438c3bf34a735f1e58b637eaa997
parent9fa18683c9b55d47d0ef530b5bd5a057d04b782a (diff)
downloadvboot-5ed334d26cba9be660ad46c186e46e830993aa98.tar.gz
validate_rec_mrc: Check size before reading metadata
This change ensures that the slot_len is enough to hold the metadata before attempting to actually read it. BUG=None BRANCH=None TEST=None Change-Id: Ief50edccc7a73c2c3002f772c616e4ed5557ecbd Signed-off-by: Furquan Shaikh <furquan@google.com> Reviewed-on: https://chromium-review.googlesource.com/1212528 Commit-Ready: Furquan Shaikh <furquan@chromium.org> Tested-by: Furquan Shaikh <furquan@chromium.org> Reviewed-by: Hung-Te Lin <hungte@chromium.org>
-rw-r--r--futility/cmd_validate_rec_mrc.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/futility/cmd_validate_rec_mrc.c b/futility/cmd_validate_rec_mrc.c
index 6c068069..e4b57d89 100644
--- a/futility/cmd_validate_rec_mrc.c
+++ b/futility/cmd_validate_rec_mrc.c
@@ -84,6 +84,12 @@ unsigned long compute_ip_checksum(const void *addr, unsigned long length)
static int verify_mrc_slot(struct mrc_metadata *md, unsigned long slot_len)
{
uint32_t header_checksum;
+
+ if (slot_len < sizeof(*md)) {
+ fprintf(stderr, "Slot too small!\n");
+ return 1;
+ }
+
if (md->signature != MRC_DATA_SIGNATURE) {
fprintf(stderr, "MRC signature mismatch\n");
return 1;
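Review bot: The new guard at the top of verify_mrc_slot covers only the fixed-size header, so any later read whose length comes from a field inside `md` still needs its own bound against `slot_len - sizeof(*md)`. The rest of the function body lies outside this hunk, so whether such a bound exists cannot be confirmed from here. The guard would also be easier to maintain with a comment such as `/* Nothing in *md may be read until slot_len is known to cover the header. */`, since its position before the signature test is what makes it effective. The message would help diagnosis more if it reported both sizes, for example `fprintf(stderr, "Slot too small: %lu < %zu\n", slot_len, sizeof(*md));`.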