boot: Check that hash TLV is sufficiently large

Add a check for the size of the TLV entry for the boot record.
Although this is in the protected area, and should be protected by a
signature, check that we don't induce an integer underflow if that entry
is somehow too short.

Signed-off-by: David Brown <david.brown@linaro.org>
David Brown 2022-04-13 16:10:01 -06:00 committed by Andrzej Puzdrowski
parent 254714bebd
commit 9feea8c616
1 changed files with 7 additions and 0 deletions

@ -196,6 +196,13 @@ boot_save_boot_status(uint8_t sw_module,
return -1;
}
/* Ensure that we have enough in the record for the hash. This
* prevents an underflow in the calculation below.
*/
if (record_len < sizeof(image_hash)) {
return -1;
}
/* Update the measurement value (hash of the image) data item in the
* boot record. It is always the last item in the structure to make
* it easy to calculate its position.
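Review bot: The new `if (record_len < sizeof(image_hash))` guard returns the same bare -1 as the failure path just above it, so a boot record TLV that is too short for the hash cannot be told apart from the earlier error when someone later has to diagnose a boot failure. Since the commit message treats this as a case that should never occur in a correctly signed image, a distinct return value or a log line at this point would make it visible if it does. The comment says the check "prevents an underflow in the calculation below", but that calculation is outside the changed lines; naming the expression it protects (the position of the hash computed from record_len and sizeof(image_hash)) would keep the comment meaningful if the code below is reordered. The change touches one file only, so there is no test that feeds a record shorter than the hash and expects the -1; adding one would pin the behaviour.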