tools: kwbimage: Verify size of v0 image header

Check that extended image header size is not larger than file size. Signed-off-by: Pali Rohár <[email protected]> Reviewed-by: Stefan Roese <[email protected]>
author: Pali Rohár <[email protected]> 2021-08-11 10:14:15 +0200
committer: Stefan Roese <[email protected]> 2021-09-01 08:07:04 +0200
commit: 33a0af2d8041b027cfbf6ab23c93026339aff142 (patch)
tree: 5761ca833bd6a59eb530a70c17ce3c5b6e813989 /tools
parent: b984056fa696e795625a2f5292859b73176f7713 (diff)
1 files changed, 3 insertions, 0 deletions
diff --git a/tools/kwbimage.c b/tools/kwbimage.c
index 542779ed484..4709c6d5442 100644
--- a/tools/kwbimage.c
+++ b/tools/kwbimage.c
@@ -1670,6 +1670,9 @@ static int kwbimage_verify_header(unsigned char *ptr, int image_size,
 		if (mhdr->ext & 0x1) {
 			struct ext_hdr_v0 *ext_hdr;
 
+			if (header_size + sizeof(*ext_hdr) > image_size)
+				return -FDT_ERR_BADSTRUCTURE;
+
 			ext_hdr = (struct ext_hdr_v0 *)
 				(ptr + sizeof(struct main_hdr_v0));
 			checksum = image_checksum8(ext_hdr,
author	Pali Rohár <[email protected]>	2021-08-11 10:14:15 +0200
committer	Stefan Roese <[email protected]>	2021-09-01 08:07:04 +0200
commit	33a0af2d8041b027cfbf6ab23c93026339aff142 (patch)
tree	5761ca833bd6a59eb530a70c17ce3c5b6e813989 /tools
parent	b984056fa696e795625a2f5292859b73176f7713 (diff)