summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAaron Durbin <adurbin@chromium.org>2013-05-07 11:14:01 -0500
committerStefan Reinauer <stefan.reinauer@coreboot.org>2013-11-25 23:24:57 +0100
commit8a0cb8de65572d6cb40cd36f06fa2567953eb390 (patch)
tree88d5e49288c31c31e762aadb02e9dfd6066ed251
parent71b81bb64c44bc4150a1a19565a8732a361ae1f7 (diff)
cbfstool: check potential microcode update earlier
The update-fit command takes in a parameter for number of slots in the FIT table. It then processes the microcobe blob in cbfs adding those entries to the FIT table. However, the tracking of the number of mircocode updates was incremented before validating the update. Therefore, move the sanity checking before an increment of the number of updates. Change-Id: Ie8290f53316b251e500b88829fdcf9b5735c1b0e Signed-off-by: Aaron Durbin <adurbin@chromium.org> Reviewed-on: https://gerrit.chromium.org/gerrit/50319 Reviewed-by: Duncan Laurie <dlaurie@chromium.org> Reviewed-on: http://review.coreboot.org/4161 Tested-by: build bot (Jenkins) Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>
-rw-r--r--util/cbfstool/fit.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/util/cbfstool/fit.c b/util/cbfstool/fit.c
index 12a7e3b49f..02cfaee21d 100644
--- a/util/cbfstool/fit.c
+++ b/util/cbfstool/fit.c
@@ -206,6 +206,10 @@ static int parse_microcode_blob(struct cbfs_image *image,
mcu_header = rom_buffer_pointer(image, current_offset);
+ /* Quickly sanity check a prospective microcode update. */
+ if (mcu_header->total_size < sizeof(*mcu_header))
+ break;
+
/* FIXME: Should the checksum be validated? */
mcus[num_mcus].offset = current_offset;
mcus[num_mcus].size = mcu_header->total_size;
@@ -215,10 +219,6 @@ static int parse_microcode_blob(struct cbfs_image *image,
num_mcus++;
file_length -= mcus[num_mcus].size;
- /* Can't determine any more entries. */
- if (!mcu_header->total_size)
- break;
-
/* Reached limit of FIT entries. */
if (num_mcus == *total_mcus)
break;