cbfstool: check potential microcode update earlier

The update-fit command takes in a parameter for number of slots
in the FIT table. It then processes the microcobe blob in cbfs
adding those entries to the FIT table. However, the tracking of
the number of mircocode updates was incremented before validating
the update. Therefore, move the sanity checking before an increment
of the number of updates.

Change-Id: Ie8290f53316b251e500b88829fdcf9b5735c1b0e
Signed-off-by: Aaron Durbin <adurbin@chromium.org>
Reviewed-on: https://gerrit.chromium.org/gerrit/50319
Reviewed-by: Duncan Laurie <dlaurie@chromium.org>
Reviewed-on: http://review.coreboot.org/4161
Tested-by: build bot (Jenkins)
Reviewed-by: Ronald G. Minnich <rminnich@gmail.com>

1 files changed, 4 insertions, 4 deletions

diff --git a/util/cbfstool/fit.c b/util/cbfstool/fit.c
index 12a7e3b49f..02cfaee21d 100644
--- a/util/cbfstool/fit.c
+++ b/util/cbfstool/fit.c
@@ -206,6 +206,10 @@ static int parse_microcode_blob(struct cbfs_image *image,
 
 		mcu_header = rom_buffer_pointer(image, current_offset);
 
+		/* Quickly sanity check a prospective microcode update. */
+		if (mcu_header->total_size < sizeof(*mcu_header))
+			break;
+
 		/* FIXME: Should the checksum be validated? */
 		mcus[num_mcus].offset = current_offset;
 		mcus[num_mcus].size = mcu_header->total_size;
@@ -215,10 +219,6 @@ static int parse_microcode_blob(struct cbfs_image *image,
 		num_mcus++;
 		file_length -= mcus[num_mcus].size;
 
-		/* Can't determine any more entries. */
-		if (!mcu_header->total_size)
-			break;
-
 		/* Reached limit of FIT entries. */
 		if (num_mcus == *total_mcus)
 			break;