
Before reading the image header, verify that the image size is at least the size of the image header.
Signed-off-by: Pali Rohár pali@kernel.org
---
 tools/default_image.c | 6 ++++++
 1 file changed, 6 insertions(+)
diff --git a/tools/default_image.c b/tools/default_image.c
index 4a067e65862e..4aa9a33241cb 100644
--- a/tools/default_image.c
+++ b/tools/default_image.c
@@ -49,6 +49,12 @@ static int image_verify_header(unsigned char *ptr, int image_size,
 struct legacy_img_hdr header;
 struct legacy_img_hdr *hdr = &header;
+ if (image_size < sizeof(struct legacy_img_hdr)) {
+ debug("%s: Bad image size: "%s" is no valid image\n",
+ params->cmdname, params->imagefile);
+ return -FDT_ERR_BADSTRUCTURE;
+ }
+
 /*
 * create copy of header so that we can blank out the
 * checksum field for checking - this can't be done
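Review bot: The new guard `image_size < sizeof(struct legacy_img_hdr)` compares a signed `int` with a `size_t`, so `image_size` is converted to unsigned and a negative value compares as very large and passes the check. The callers are not visible here, but if one can pass a negative size (for example a file length truncated to `int`), the header copy announced by the comment that follows would presumably still read beyond the mapped data. Rejecting negatives first closes that gap and also silences `-Wsign-compare`: `if (image_size < 0 || (size_t)image_size < sizeof(struct legacy_img_hdr)) {`. The body of image_verify_header starts and ends outside this hunk, so whether the later data-length handling has the same signed/unsigned mix should be checked there.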