From c38fe37ca1da6c8b682ddb74f79b139cda99fa7f Mon Sep 17 00:00:00 2001
From: Edward O'Callaghan <quasisec@google.com>
Date: Wed, 9 Mar 2022 12:00:39 +1100
Subject: host/lib/flashrom_drv.c: Ensure buffer is large enough in write op

BUG=b:207808292
BRANCH=none
TEST=emerge-octopus and cros deploy'ed

Signed-off-by: Edward O'Callaghan <quasisec@google.com>
Change-Id: I8a8f941f224416d872592d6cc2de4caf058cb5bc
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3512274
Reviewed-by: Hung-Te Lin <hungte@chromium.org>
Tested-by: Edward O'Callaghan <quasisec@chromium.org>
Auto-Submit: Edward O'Callaghan <quasisec@chromium.org>
Reviewed-by: Nikolai Artemiev <nartemiev@google.com>
Commit-Queue: Nikolai Artemiev <nartemiev@google.com>
---
 host/lib/flashrom_drv.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'host')

diff --git a/host/lib/flashrom_drv.c b/host/lib/flashrom_drv.c
index 026c2c15..19d6384e 100644
--- a/host/lib/flashrom_drv.c
+++ b/host/lib/flashrom_drv.c
@@ -189,6 +189,9 @@ int flashrom_write_image(const struct firmware_image *image,
 			}
 		}
 		flashrom_layout_set(flashctx, layout);
+	} else if (image->size != len) {
+		r = -1;
+		goto err_cleanup;
 	}
 
 	flashrom_flag_set(flashctx, FLASHROM_FLAG_VERIFY_WHOLE_CHIP, false);
-- 
cgit v1.2.1