Issue 3186013: Security fixes for LoadKernel()

Keyboard Shortcuts

	File
u :	up to issue
j / k :	jump to file after / before current file
J / K :	jump to next file with a comment after / before current file
	Side-by-side diff
i :	toggle intra-line diffs
e :	expand all comments
c :	collapse all comments
s :	toggle showing all comments
n / p :	next / previous diff chunk or comment
N / P :	next / previous comment
<Up> / <Down> :	next / previous line

	Issue
u :	up to list of issues
j / k :	jump to patch after / before current patch
o / <Enter> :	open current patch in side-by-side view
i :	open current patch in unified diff view

	Issue List
j / k :	jump to issue after / before current issue
o / <Enter> :	open current issue

Issue 3186013: Security fixes for LoadKernel() (Closed)

Created:
10 years, 4 months ago by Randall Spangler

Modified:
9 years, 7 months ago

Reviewers:
Bill Richardson

CC:
chromium-os-reviews_chromium.org, Randall Spangler, gauravsh, Luigi Semenzato, Bill Richardson

Base URL:
ssh://gitrw.chromium.org/vboot_reference.git

Visibility:
Public.

Description

Security fixes for LoadKernel() 1) kernel_subkey is one of the input parameters; not read off disk. KeyBlockVerify() now verifies it's not NULL unless we're only using the hash. 2) Added a check for kernel size vs. buffer size. 3) Added a check to make sure kbuf_sectors is nonzero. BUG=chrome-os-partner:704 TEST=make && make runtests

Patch Set 1 #

Total comments: 2

Patch Set 2 : Add local var for offset sectors #

Created: 10 years, 4 months ago

Download [raw] [tar.bz2]

		Unified diffs	Side-by-side diffs	Delta from patch set	Stats (+21 lines, -7 lines)			Patch
	M	firmware/lib/vboot_kernel.c	View	1	3 chunks	+20 lines, -6 lines	0 comments	Download
	M	firmware/version.c	View	1	1 chunk	+1 line, -1 line	0 comments	Download

Messages

Total messages: 4 (0 generated)

Expand Messages | Collapse Messages

Bill Richardson

Hm. http://codereview.chromium.org/3186013/diff/1/2 File firmware/lib/vboot_kernel.c (right): http://codereview.chromium.org/3186013/diff/1/2#newcode308 firmware/lib/vboot_kernel.c:308: body_offset /= blba; Use a new variable for ...

10 years, 4 months ago (2010-08-18 23:33:28 UTC) #2

Randall Spangler

PTAL http://codereview.chromium.org/3186013/diff/1/2 File firmware/lib/vboot_kernel.c (right): http://codereview.chromium.org/3186013/diff/1/2#newcode308 firmware/lib/vboot_kernel.c:308: body_offset /= blba; On 2010/08/18 23:33:28, Bill Richardson ...

10 years, 4 months ago (2010-08-19 00:19:28 UTC) #3

Thanks. LGTM.

Expand Messages | Collapse Messages