Patch Detail

HTTP 200 OK
Allow: GET, PUT, PATCH, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "id": 2074171,
    "url": "http://patchwork.ozlabs.org/api/patches/2074171/?format=api",
    "web_url": "http://patchwork.ozlabs.org/project/uboot/patch/20250417132718.2023555-4-jerome.forissier@linaro.org/",
    "project": {
        "id": 18,
        "url": "http://patchwork.ozlabs.org/api/projects/18/?format=api",
        "name": "U-Boot",
        "link_name": "uboot",
        "list_id": "u-boot.lists.denx.de",
        "list_email": "u-boot@lists.denx.de",
        "web_url": null,
        "scm_url": null,
        "webscm_url": null,
        "list_archive_url": "",
        "list_archive_url_format": "",
        "commit_url_format": ""
    },
    "msgid": "<20250417132718.2023555-4-jerome.forissier@linaro.org>",
    "list_archive_url": null,
    "date": "2025-04-17T13:26:59",
    "name": "[v5,3/4] net-lwip: wget: add LMB and buffer checks",
    "commit_ref": "e40c910e88a9a38ee1335ab1391dc2ee83993a65",
    "pull_url": null,
    "state": "accepted",
    "archived": false,
    "hash": "1fd40689749a430890d9df2de98547b8d083ec51",
    "submitter": {
        "id": 69192,
        "url": "http://patchwork.ozlabs.org/api/people/69192/?format=api",
        "name": "Jerome Forissier",
        "email": "jerome.forissier@linaro.org"
    },
    "delegate": {
        "id": 157425,
        "url": "http://patchwork.ozlabs.org/api/users/157425/?format=api",
        "username": "jforissier",
        "first_name": "Jerome",
        "last_name": "Forissier",
        "email": "jerome.forissier@linaro.org"
    },
    "mbox": "http://patchwork.ozlabs.org/project/uboot/patch/20250417132718.2023555-4-jerome.forissier@linaro.org/mbox/",
    "series": [
        {
            "id": 453241,
            "url": "http://patchwork.ozlabs.org/api/series/453241/?format=api",
            "web_url": "http://patchwork.ozlabs.org/project/uboot/list/?series=453241",
            "date": "2025-04-17T13:26:56",
            "name": "NET_LWIP LMB fixes",
            "version": 5,
            "mbox": "http://patchwork.ozlabs.org/series/453241/mbox/"
        }
    ],
    "comments": "http://patchwork.ozlabs.org/api/patches/2074171/comments/",
    "check": "pending",
    "checks": "http://patchwork.ozlabs.org/api/patches/2074171/checks/",
    "tags": {},
    "related": [],
    "headers": {
        "Return-Path": "<u-boot-bounces@lists.denx.de>",
        "X-Original-To": "incoming@patchwork.ozlabs.org",
        "Delivered-To": "patchwork-incoming@legolas.ozlabs.org",
        "Authentication-Results": [
            "legolas.ozlabs.org;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=linaro.org header.i=@linaro.org header.a=rsa-sha256\n header.s=google header.b=w+l+8lxm;\n\tdkim-atps=neutral",
            "legolas.ozlabs.org;\n spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de\n (client-ip=85.214.62.61; helo=phobos.denx.de;\n envelope-from=u-boot-bounces@lists.denx.de; receiver=patchwork.ozlabs.org)",
            "phobos.denx.de;\n dmarc=pass (p=none dis=none) header.from=linaro.org",
            "phobos.denx.de;\n spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de",
            "phobos.denx.de;\n\tdkim=pass (2048-bit key;\n unprotected) header.d=linaro.org header.i=@linaro.org header.b=\"w+l+8lxm\";\n\tdkim-atps=neutral",
            "phobos.denx.de;\n dmarc=pass (p=none dis=none) header.from=linaro.org",
            "phobos.denx.de;\n spf=pass smtp.mailfrom=jerome.forissier@linaro.org"
        ],
        "Received": [
            "from phobos.denx.de (phobos.denx.de [85.214.62.61])\n\t(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)\n\t key-exchange X25519 server-signature ECDSA (secp384r1))\n\t(No client certificate requested)\n\tby legolas.ozlabs.org (Postfix) with ESMTPS id 4Zddx13jY8z1yJL\n\tfor <incoming@patchwork.ozlabs.org>; Thu, 17 Apr 2025 23:27:33 +1000 (AEST)",
            "from h2850616.stratoserver.net (localhost [IPv6:::1])\n\tby phobos.denx.de (Postfix) with ESMTP id 6CFBA83045;\n\tThu, 17 Apr 2025 15:27:35 +0200 (CEST)",
            "by phobos.denx.de (Postfix, from userid 109)\n id 3D5118304A; Thu, 17 Apr 2025 15:27:34 +0200 (CEST)",
            "from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com\n [IPv6:2a00:1450:4864:20::42e])\n (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits))\n (No client certificate requested)\n by phobos.denx.de (Postfix) with ESMTPS id 2A3AB82CA8\n for <u-boot@lists.denx.de>; Thu, 17 Apr 2025 15:27:32 +0200 (CEST)",
            "by mail-wr1-x42e.google.com with SMTP id\n ffacd0b85a97d-39ac56756f6so797111f8f.2\n for <u-boot@lists.denx.de>; Thu, 17 Apr 2025 06:27:32 -0700 (PDT)",
            "from builder.. ([2a01:e0a:3cb:7bb0:a07e:3f08:7eef:b036])\n by smtp.gmail.com with ESMTPSA id\n ffacd0b85a97d-39eae977513sm19951605f8f.42.2025.04.17.06.27.30\n (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);\n Thu, 17 Apr 2025 06:27:31 -0700 (PDT)"
        ],
        "X-Spam-Checker-Version": "SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de",
        "X-Spam-Level": "",
        "X-Spam-Status": "No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED,\n DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,RCVD_IN_DNSWL_BLOCKED,\n SPF_HELO_NONE,SPF_PASS autolearn=ham autolearn_force=no version=3.4.2",
        "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=linaro.org; s=google; t=1744896451; x=1745501251; darn=lists.denx.de;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:from:to:cc:subject:date\n :message-id:reply-to;\n bh=NH2Pl2IO51nijsyi+Ru2HA3FymfKngVtLYLV5gURHcg=;\n b=w+l+8lxmuwbgDX9PjM+xgrpUWc/yqxLVQKFznMWNWXxpuhHYXNpRv1L5AVpYCLI/nv\n OE+EwL9eMmBYP3gM+89/tUUJCIHeS1bTDqH7O/cbiqpwutGWwaQ/+9DF6VKQyQw8C/pB\n BElP4A4lrPuitJojKcOa0tOgdk0cn6yJxzUXqGAW5Br1ZI2mTDlK6QMwTAKyCwXJFcOR\n pJ4y128NLIpofs+ER5VStOgEIi14AxWJZBgWFd/w/R4eDiYs+8tN/wPTN1tg6pJXrKcA\n 8YmshZGsjZtfqrXNxmq7hAH2kLUvPfDLXtdhvhIBAsUPKjY/tVVEHxG852t3oWU2kk5b\n y/Qw==",
        "X-Google-DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed;\n d=1e100.net; s=20230601; t=1744896451; x=1745501251;\n h=content-transfer-encoding:mime-version:references:in-reply-to\n :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc\n :subject:date:message-id:reply-to;\n bh=NH2Pl2IO51nijsyi+Ru2HA3FymfKngVtLYLV5gURHcg=;\n b=a8+rHDmYGI4ZcR2eeu9R/f3a/3CYg71pPW2yaT2IXVAO6jmOxwKED18NVHHyUW6H82\n wx2Eu87lifw1yluCXCrR+oPhPW+KQuGMBUVfjswPYrDWAU/D5lsJHGm05N8BwrDgkwOF\n u6r5VZ9Cgrp7nZDNpu6b6By8IY36C2qEOHh3tVK7FfQJpRv5dpSMcJEwTjn/7Cl6JkB4\n H5tJ6zwfzIzRgBDmvBSFQYif+wOwzmbXQcH2m5UAQS6Dzpmql2iwtf6CJGLGzDbexQ2l\n WizljagaECOQQvSpFp5i0dkzcrH6k0nhBHdlqyNxXNKPnpZ97OsQehBhoEcwPd67epP/\n hpZw==",
        "X-Gm-Message-State": "AOJu0Yw4s7SJMT4YmWBc5+AYe5yHq3luW80UoH83JfJ5zobrJ4mHftUZ\n dIGHMxGB3QZxRSi0LhyCWBMu0uhQpuP3G2MZ17U/5jPyVO5lWhbz2PSru+DBCj2bndadk3ZxH79\n 8kx0=",
        "X-Gm-Gg": "ASbGnct6Pi3DSFCh9qCerNDF7kbjX1DhzNQL2EVajaJORIY5zUFSbf6OfUeEHbhYa48\n a2p4wiWN8n7jVGO/wP4jS7ZjFtjTk4Tts8IDVNtGraBZPj5bdfIHOOSPZXZsyjje9LTdYwlfrtn\n Az/V/MgNTbgWuBgMO+PfsLXnHkAjuSEB2ok04tj0r1++eTKuIly8X+aeaYNPeMip6VN4zwEn0Ml\n fLCDcjxD5dDgPFgZ8i6Qyyi25uUn0mE2frnCxPxo7vDjDtnQ+mL9KaEGXE6Io0HMmo1xbkx+rQK\n FFy0q2CfaaPgl4BJAm/QHY/5urPVQAJAJi0H+gQGFFgntpEkaw==",
        "X-Google-Smtp-Source": "\n AGHT+IGo60Y2iDX91mNBXvoAzT8ALtlfVVJbkoF7mKwM5C5Wba7bWInZ/y4TkAac1kKjq+0sciWZcQ==",
        "X-Received": "by 2002:a05:6000:18ab:b0:39c:1f02:44ae with SMTP id\n ffacd0b85a97d-39ee5b35dbemr5924491f8f.27.1744896451434;\n Thu, 17 Apr 2025 06:27:31 -0700 (PDT)",
        "From": "Jerome Forissier <jerome.forissier@linaro.org>",
        "To": "U-Boot mailing list <u-boot@lists.denx.de>",
        "Cc": "Jerome Forissier <jerome.forissier@linaro.org>,\n Sughosh Ganu <sughosh.ganu@linaro.org>,\n Adriano Cordova <adrianox@gmail.com>,\n Heinrich Schuchardt <xypron.glpk@gmx.de>,\n Ilias Apalodimas <ilias.apalodimas@linaro.org>,\n Joe Hershberger <joe.hershberger@ni.com>,\n Ramon Fried <rfried.dev@gmail.com>, Tom Rini <trini@konsulko.com>",
        "Subject": "[PATCH v5 3/4] net-lwip: wget: add LMB and buffer checks",
        "Date": "Thu, 17 Apr 2025 15:26:59 +0200",
        "Message-ID": "<20250417132718.2023555-4-jerome.forissier@linaro.org>",
        "X-Mailer": "git-send-email 2.43.0",
        "In-Reply-To": "<20250417132718.2023555-1-jerome.forissier@linaro.org>",
        "References": "<20250417132718.2023555-1-jerome.forissier@linaro.org>",
        "MIME-Version": "1.0",
        "Content-Transfer-Encoding": "8bit",
        "X-BeenThere": "u-boot@lists.denx.de",
        "X-Mailman-Version": "2.1.39",
        "Precedence": "list",
        "List-Id": "U-Boot discussion <u-boot.lists.denx.de>",
        "List-Unsubscribe": "<https://lists.denx.de/options/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=unsubscribe>",
        "List-Archive": "<https://lists.denx.de/pipermail/u-boot/>",
        "List-Post": "<mailto:u-boot@lists.denx.de>",
        "List-Help": "<mailto:u-boot-request@lists.denx.de?subject=help>",
        "List-Subscribe": "<https://lists.denx.de/listinfo/u-boot>,\n <mailto:u-boot-request@lists.denx.de?subject=subscribe>",
        "Errors-To": "u-boot-bounces@lists.denx.de",
        "Sender": "\"U-Boot\" <u-boot-bounces@lists.denx.de>",
        "X-Virus-Scanned": "clamav-milter 0.103.8 at phobos.denx.de",
        "X-Virus-Status": "Clean"
    },
    "content": "Legacy NET wget invokes a store_block() function which performs buffer\nvalidation (LMB, address wrapping). Do the same with NET_LWIP.\n\nSigned-off-by: Jerome Forissier <jerome.forissier@linaro.org>\nSuggested-by: Sughosh Ganu <sughosh.ganu@linaro.org>\nAcked-by: Sughosh Ganu <sughosh.ganu@linaro.org>\n---\n\n(no changes since v4)\n\nChanges in v4:\n- The 'silent' boolean in stored in struct wget_http_info (same as NET)\n\nChanges in v3:\n- store_block(): add Sphinx-like documentation\n- store_block(): do not print to the console if ctx->silent\n\nChanges in v2:\n- httpc_recv_cb(): add a call to altcp_abort(). Otherwise the transfer\ncontinues and we try to write later blocks which makes no sense if one\nhas been rejected already. Thanks Sughosh G. for testing and reporting.\n\n net/lwip/wget.c | 64 ++++++++++++++++++++++++++++++++++++++++++-------\n 1 file changed, 55 insertions(+), 9 deletions(-)",
    "diff": "diff --git a/net/lwip/wget.c b/net/lwip/wget.c\nindex 63583e4c6e7..4ec00de96b2 100644\n--- a/net/lwip/wget.c\n+++ b/net/lwip/wget.c\n@@ -6,6 +6,7 @@\n #include <display_options.h>\n #include <efi_loader.h>\n #include <image.h>\n+#include <linux/kconfig.h>\n #include <lwip/apps/http_client.h>\n #include \"lwip/altcp_tls.h\"\n #include <lwip/errno.h>\n@@ -202,11 +203,58 @@ static int parse_legacy_arg(char *arg, char *nurl, size_t rem)\n \treturn 0;\n }\n \n+/**\n+ * store_block() - copy received data\n+ *\n+ * This function is called by the receive callback to copy a block of data\n+ * into its final location (ctx->daddr). Before doing so, it checks if the copy\n+ * is allowed.\n+ *\n+ * @ctx: the context for the current transfer\n+ * @src: the data received from the TCP stack\n+ * @len: the length of the data\n+ */\n+static int store_block(struct wget_ctx *ctx, void *src, u16_t len)\n+{\n+\tulong store_addr = ctx->daddr;\n+\tuchar *ptr;\n+\n+\t/* Avoid overflow */\n+\tif (wget_info->buffer_size && wget_info->buffer_size < ctx->size + len)\n+\t\treturn -1;\n+\n+\tif (CONFIG_IS_ENABLED(LMB) && wget_info->set_bootdev) {\n+\t\tif (store_addr + len < store_addr ||\n+\t\t    lmb_read_check(store_addr, len)) {\n+\t\t\tif (!wget_info->silent) {\n+\t\t\t\tprintf(\"\\nwget error: \");\n+\t\t\t\tprintf(\"trying to overwrite reserved memory\\n\");\n+\t\t\t}\n+\t\t\treturn -1;\n+\t\t}\n+\t}\n+\n+\tptr = map_sysmem(store_addr, len);\n+\tmemcpy(ptr, src, len);\n+\tunmap_sysmem(ptr);\n+\n+\tctx->daddr += len;\n+\tctx->size += len;\n+\tif (ctx->size - ctx->prevsize > PROGRESS_PRINT_STEP_BYTES) {\n+\t\tif (!wget_info->silent)\n+\t\t\tprintf(\"#\");\n+\t\tctx->prevsize = ctx->size;\n+\t}\n+\n+\treturn 0;\n+}\n+\n static err_t httpc_recv_cb(void *arg, struct altcp_pcb *pcb, struct pbuf *pbuf,\n \t\t\t   err_t err)\n {\n \tstruct wget_ctx *ctx = arg;\n \tstruct pbuf *buf;\n+\terr_t ret;\n \n \tif (!pbuf)\n \t\treturn ERR_BUF;\n@@ -215,19 +263,17 @@ static err_t httpc_recv_cb(void *arg, struct altcp_pcb *pcb, struct pbuf *pbuf,\n \t\tctx->start_time = get_timer(0);\n \n \tfor (buf = pbuf; buf; buf = buf->next) {\n-\t\tmemcpy((void *)ctx->daddr, buf->payload, buf->len);\n-\t\tctx->daddr += buf->len;\n-\t\tctx->size += buf->len;\n-\t\tif (!wget_info->silent &&\n-\t\t    ctx->size - ctx->prevsize > PROGRESS_PRINT_STEP_BYTES) {\n-\t\t\tprintf(\"#\");\n-\t\t\tctx->prevsize = ctx->size;\n+\t\tif (store_block(ctx, buf->payload, buf->len) < 0) {\n+\t\t\taltcp_abort(pcb);\n+\t\t\tret = ERR_BUF;\n+\t\t\tgoto out;\n \t\t}\n \t}\n-\n \taltcp_recved(pcb, pbuf->tot_len);\n+\tret = ERR_OK;\n+out:\n \tpbuf_free(pbuf);\n-\treturn ERR_OK;\n+\treturn ret;\n }\n \n static void httpc_result_cb(void *arg, httpc_result_t httpc_result,\n",
    "prefixes": [
        "v5",
        "3/4"
    ]
}