tools: kwboot: Check for v1 header size Too small invalid headers may cause kwboot to crash. Check for header size of v1 images. Signed-off-by: Pali Rohár <pali@kernel.org> Reviewed-by: Marek Behún <marek.behun@nic.cz> Reviewed-by: Stefan Roese <sr@denx.de> Reviewed-by: Chris Packham <judge.packham@gmail.com> Tested-by: Chris Packham <judge.packham@gmail.com>

commit: 1228116c90d0ae36f8eed928906cb193e51fa0f2 [log] [tgz]
author: Pali Rohár <pali@kernel.org> Fri Jul 23 11:14:21 2021 +0200
committer: Stefan Roese <sr@denx.de> Sat Jul 31 09:49:32 2021 +0200
tree: bccace9fd8fb11ffe27079df26f825a266fe618f
parent: 48615ba337bc4b87ba4d5c76968b5f89c20e05a5 [diff]
diff --git a/tools/kwboot.c b/tools/kwboot.c
index c0ac4ce..1d32c1b 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c

@@ -645,6 +645,11 @@
 	else
 		hdrsz = KWBHEADER_V1_SIZE(hdr);
 
+	if (size < hdrsz) {
+		errno = EINVAL;
+		goto out;
+	}
+
 	csum = kwboot_img_csum8(hdr, hdrsz) - hdr->checksum;
 	if (csum != hdr->checksum) {
 		errno = EINVAL;
commit	1228116c90d0ae36f8eed928906cb193e51fa0f2	[log] [tgz]
author	Pali Rohár <pali@kernel.org>	Fri Jul 23 11:14:21 2021 +0200
committer	Stefan Roese <sr@denx.de>	Sat Jul 31 09:49:32 2021 +0200
tree	bccace9fd8fb11ffe27079df26f825a266fe618f
parent	48615ba337bc4b87ba4d5c76968b5f89c20e05a5 [diff]