From a25b5d257dbfbff808b19bf8c48565435e6bef9d Mon Sep 17 00:00:00 2001 From: Julius Werner Date: Mon, 8 Feb 2016 11:46:22 -0800 Subject: lzma: Port size-checking ulzman() version to coreboot We've had a second version of ulzma() that would check the input and output buffer sizes in libpayload for a while now. Since it's generally never a bad idea to double-check for overruns, let's port it to coreboot and use it where applicable. (This requires a small fix in the four byte at a time read optimization we only have in coreboot, since it made the stream counter hit the end a little earlier than the algorithm liked and could trigger an assertion.) BRANCH=None BUG=None TEST=Booted Oak, Jerry and Falco. Change-Id: Id566b31dfa896ea1b991badf5a6ad9d075aef987 Signed-off-by: Julius Werner Reviewed-on: https://review.coreboot.org/13637 Tested-by: build bot (Jenkins) Reviewed-by: Aaron Durbin --- src/lib/lzmadecode.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) (limited to 'src/lib/lzmadecode.c') diff --git a/src/lib/lzmadecode.c b/src/lib/lzmadecode.c index ada72260f2..fbf15964a6 100644 --- a/src/lib/lzmadecode.c +++ b/src/lib/lzmadecode.c @@ -29,9 +29,12 @@ #define kBitModelTotal (1 << kNumBitModelTotalBits) #define kNumMoveBits 5 -/* Use 32-bit reads whenever possible to avoid bad flash performance. */ +/* Use 32-bit reads whenever possible to avoid bad flash performance. Fall back + * to byte reads for last 4 bytes since RC_TEST returns an error when BufferLim + * is *reached* (not surpassed!), meaning we can't allow that to happen while + * there are still bytes to decode from the algorithm's point of view. */ #define RC_READ_BYTE (look_ahead_ptr < 4 ? look_ahead.raw[look_ahead_ptr++] \ - : ((((uintptr_t) Buffer & 3) || ((SizeT) (BufferLim - Buffer) < 4)) ? (*Buffer++) \ + : ((((uintptr_t) Buffer & 3) || ((SizeT) (BufferLim - Buffer) <= 4)) ? (*Buffer++) \ : ((look_ahead.dw = *(UInt32 *)Buffer), (Buffer += 4), (look_ahead_ptr = 1), look_ahead.raw[0]))) #define RC_INIT2 Code = 0; Range = 0xFFFFFFFF; \ -- cgit v1.2.3