From 8ae94c2d24d36d1469483c9923a4d7ecbc3910b0 Mon Sep 17 00:00:00 2001 From: Randall Spangler Date: Fri, 1 Apr 2011 13:35:46 -0700 Subject: Fix preamble range checks Change-Id: I0571f4524703566b8840e2b264d868c404f87c80 R=gauravsh@chromium.org,wfrichar@chromium.org BUG=chrome-os-partner:2910 TEST=make && make runtests Review URL: http://codereview.chromium.org/6759075 --- firmware/lib/vboot_common.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/firmware/lib/vboot_common.c b/firmware/lib/vboot_common.c index d9838c41..a20e16fb 100644 --- a/firmware/lib/vboot_common.c +++ b/firmware/lib/vboot_common.c @@ -333,15 +333,15 @@ int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble, return VBOOT_PREAMBLE_INVALID; } - /* Verify body signature is inside the block */ - if (VerifySignatureInside(preamble, preamble->preamble_size, + /* Verify body signature is inside the signed data */ + if (VerifySignatureInside(preamble, sig->data_size, &preamble->body_signature)) { VBDEBUG(("Firmware body signature off end of preamble\n")); return VBOOT_PREAMBLE_INVALID; } - /* Verify kernel subkey is inside the block */ - if (VerifyPublicKeyInside(preamble, preamble->preamble_size, + /* Verify kernel subkey is inside the signed data */ + if (VerifyPublicKeyInside(preamble, sig->data_size, &preamble->kernel_subkey)) { VBDEBUG(("Kernel subkey off end of preamble\n")); return VBOOT_PREAMBLE_INVALID; @@ -387,8 +387,8 @@ int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble, return VBOOT_PREAMBLE_INVALID; } - /* Verify body signature is inside the block */ - if (VerifySignatureInside(preamble, preamble->preamble_size, + /* Verify body signature is inside the signed data */ + if (VerifySignatureInside(preamble, sig->data_size, &preamble->body_signature)) { VBDEBUG(("Kernel body signature off end of preamble\n")); return VBOOT_PREAMBLE_INVALID; -- cgit v1.2.1