diff options
author | Jakub Czapiga <jacz@semihalf.com> | 2021-09-09 09:20:37 +0200 |
---|---|---|
committer | Julius Werner <jwerner@chromium.org> | 2021-09-13 20:06:00 +0000 |
commit | 8edbba4cc48ea42978cd95de015170288b86c3c3 (patch) | |
tree | ff10858b5e631148380e5c783bdb37d04764b8f8 /src/ec | |
parent | 615cdfcdb9bf826d4815f0d7e7d9961da5bf33d0 (diff) |
cbfs: Prevent overflow and infinite loop in cbfs_walk
CBFS file with lenth of (UINT32_MAX - cbfs_file.offset + 1) causes
overflow, making cbfs_walk() being stuck in an infinite loop, and
checking the same file. This patch makes cbfs_walk() skip file headers
with incorrect data_offset or data_length.
Signed-off-by: Jakub Czapiga <jacz@semihalf.com>
Change-Id: I70020e347087cbd8134a1a60177fa9eef63fb7bd
Reviewed-on: https://review.coreboot.org/c/coreboot/+/57525
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Julius Werner <jwerner@chromium.org>
Diffstat (limited to 'src/ec')
0 files changed, 0 insertions, 0 deletions