tools: kwboot: Check for v1 header size
Too small invalid headers may cause kwboot to crash.
Check for header size of v1 images.
Signed-off-by: Pali Rohár <pali@kernel.org>
Reviewed-by: Marek Behún <marek.behun@nic.cz>
Reviewed-by: Stefan Roese <sr@denx.de>
Reviewed-by: Chris Packham <judge.packham@gmail.com>
Tested-by: Chris Packham <judge.packham@gmail.com>
diff --git a/tools/kwboot.c b/tools/kwboot.c
index c0ac4ce..1d32c1b 100644
--- a/tools/kwboot.c
+++ b/tools/kwboot.c
@@ -645,6 +645,11 @@
else
hdrsz = KWBHEADER_V1_SIZE(hdr);
+ if (size < hdrsz) {
+ errno = EINVAL;
+ goto out;
+ }
+
csum = kwboot_img_csum8(hdr, hdrsz) - hdr->checksum;
if (csum != hdr->checksum) {
errno = EINVAL;