Message ID | 20210508220021.1778080-13-sjg@chromium.org |
---|---|
State | Changes Requested |
Delegated to: | Tom Rini |
Headers | show
Return-Path: <u-boot-bounces@lists.denx.de> X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=lists.denx.de (client-ip=85.214.62.61; helo=phobos.denx.de; envelope-from=u-boot-bounces@lists.denx.de; receiver=<UNKNOWN>) Authentication-Results: ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.a=rsa-sha256 header.s=google header.b=W39yhkOt; dkim-atps=neutral Received: from phobos.denx.de (phobos.denx.de [85.214.62.61]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 4Fd1YH3D0Cz9tlZ for <incoming@patchwork.ozlabs.org>; Sun, 9 May 2021 08:03:47 +1000 (AEST) Received: from h2850616.stratoserver.net (localhost [IPv6:::1]) by phobos.denx.de (Postfix) with ESMTP id 1087682EDB; Sun, 9 May 2021 00:02:08 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=u-boot-bounces@lists.denx.de Authentication-Results: phobos.denx.de; dkim=pass (1024-bit key; unprotected) header.d=chromium.org header.i=@chromium.org header.b="W39yhkOt"; dkim-atps=neutral Received: by phobos.denx.de (Postfix, from userid 109) id 6525582E9C; Sun, 9 May 2021 00:01:28 +0200 (CEST) X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on phobos.denx.de X-Spam-Level: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH, DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,SPF_HELO_NONE autolearn=ham autolearn_force=no version=3.4.2 Received: from mail-io1-xd30.google.com (mail-io1-xd30.google.com [IPv6:2607:f8b0:4864:20::d30]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)) (No client certificate requested) by phobos.denx.de (Postfix) with ESMTPS id 61C1C82EA1 for <u-boot@lists.denx.de>; Sun, 9 May 2021 00:00:38 +0200 (CEST) Authentication-Results: phobos.denx.de; dmarc=pass (p=none dis=none) header.from=chromium.org Authentication-Results: phobos.denx.de; spf=pass smtp.mailfrom=sjg@chromium.org Received: by mail-io1-xd30.google.com with SMTP id i7so3844113ioa.12 for <u-boot@lists.denx.de>; Sat, 08 May 2021 15:00:38 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references :mime-version:content-transfer-encoding; bh=qHUV+4vozvnSgmpIJKhenPWkqUONe4it/INXR0/2Myw=; b=W39yhkOtK19dSwh71BuLzOIUXQVAcpLb8Zd+1F0W1uVlCDaLvLzn8W3aZ4RCWXOeck V/kaLCNGcHHp2QeA8tAOMb1hk2//oHvJ5kC9zvPypdSJq3wDQHU1YyieUw0Tq4ZSbEMl V4UEFuaBiXsvhyo24cAn56V7mMXQ8TXYO453A= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=qHUV+4vozvnSgmpIJKhenPWkqUONe4it/INXR0/2Myw=; b=DvtONbNUc9pja6QvHOvsF9Zws0lwAV4A5xB2svdSLKgtFyFBkDeLJAtg4AcLpY5mYY QyTjY5WCtlCPcb59+YgASetpu0tMyK2ohkjymtDcUgrwcU1PLWR/uXC9e4Kf89U1HeeC RsLgE1JdKpdScNIPf38OoCTxR1Upcbky1sEmKnSbHC8oBGQs8Fb+ECSWVixxMZ+/RynZ hMCbLPQ2lv2XBhL59C7UshsocNhFewXj4Xy2W/OxBnE1I3j/w6nuWbpa+MugPG/nVUh+ 35VwaeuNgxSL8JMbncBcfkOoGdiccAoY2e1jEc2RctXx0RsYk6P7SGoVW28xQbuhKJdI NxHw== X-Gm-Message-State: AOAM533Mls9MxU3hxXH9SsgJYxwb9WThYAC0S1PH0vOvT9FxYhEVjav+ dQfR0S4l7e71yPxoySRlDn2UoO035/sEAb6X X-Google-Smtp-Source: ABdhPJwcns+DScP9UFO7fd76A3+c2Q6TX6WBXh9pBeBPZhl12kHkk3L5qQHmcelhTEjuUQWCWfQyCw== X-Received: by 2002:a02:cbac:: with SMTP id v12mr15127698jap.51.1620511236970; Sat, 08 May 2021 15:00:36 -0700 (PDT) Received: from kiwi.bld.corp.google.com (c-67-190-101-114.hsd1.co.comcast.net. [67.190.101.114]) by smtp.gmail.com with ESMTPSA id t7sm5195196ile.87.2021.05.08.15.00.36 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Sat, 08 May 2021 15:00:36 -0700 (PDT) From: Simon Glass <sjg@chromium.org> To: U-Boot Mailing List <u-boot@lists.denx.de> Cc: Tom Rini <trini@konsulko.com>, Simon Glass <sjg@chromium.org>, Bin Meng <bmeng.cn@gmail.com>, Stefan Reinauer <reinauer@chromium.org> Subject: [PATCH 12/17] cbfs: Check offset range when reading a file Date: Sat, 8 May 2021 16:00:16 -0600 Message-Id: <20210508220021.1778080-13-sjg@chromium.org> X-Mailer: git-send-email 2.31.1.607.g51e8a6a459-goog In-Reply-To: <20210508220021.1778080-1-sjg@chromium.org> References: <20210508220021.1778080-1-sjg@chromium.org> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-BeenThere: u-boot@lists.denx.de X-Mailman-Version: 2.1.34 Precedence: list List-Id: U-Boot discussion <u-boot.lists.denx.de> List-Unsubscribe: <https://lists.denx.de/options/u-boot>, <mailto:u-boot-request@lists.denx.de?subject=unsubscribe> List-Archive: <https://lists.denx.de/pipermail/u-boot/> List-Post: <mailto:u-boot@lists.denx.de> List-Help: <mailto:u-boot-request@lists.denx.de?subject=help> List-Subscribe: <https://lists.denx.de/listinfo/u-boot>, <mailto:u-boot-request@lists.denx.de?subject=subscribe> Errors-To: u-boot-bounces@lists.denx.de Sender: "U-Boot" <u-boot-bounces@lists.denx.de> X-Virus-Scanned: clamav-milter 0.102.4 at phobos.denx.de X-Virus-Status: Clean |
Series |
Fix various coverity warnings
|
expand
|
diff --git a/fs/cbfs/cbfs.c b/fs/cbfs/cbfs.c index 415ea28b871..3e905c74e58 100644 --- a/fs/cbfs/cbfs.c +++ b/fs/cbfs/cbfs.c @@ -167,6 +167,8 @@ static int file_cbfs_next_file(struct cbfs_priv *priv, void *start, int size, } swap_file_header(&header, file_header); + if (header.offset >= size) + return log_msg_ret("range", -E2BIG); ret = fill_node(node, start, &header); if (ret) { priv->result = CBFS_BAD_FILE;
Add a check that the offset is within the allowed range. Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Coverity (CID: 331155) --- fs/cbfs/cbfs.c | 2 ++ 1 file changed, 2 insertions(+)