Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(555)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: firmware/lib/vboot_common.c

Issue 6745027: Add additional checks for size greater than header size. (Closed) Base URL: ssh://gitrw.chromium.org:9222/vboot_reference.git@master
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « no previous file | no next file » | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved. 1 /* Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
2 * Use of this source code is governed by a BSD-style license that can be 2 * Use of this source code is governed by a BSD-style license that can be
3 * found in the LICENSE file. 3 * found in the LICENSE file.
4 * 4 *
5 * Common functions between firmware and kernel verified boot. 5 * Common functions between firmware and kernel verified boot.
6 * (Firmware portion) 6 * (Firmware portion)
7 */ 7 */
8 8
9 9
10 #include "vboot_common.h" 10 #include "vboot_common.h"
(...skipping 160 matching lines...) Expand 10 before | Expand all | Expand 10 after
171 return 0; 171 return 0;
172 } 172 }
173 173
174 174
175 int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size, 175 int KeyBlockVerify(const VbKeyBlockHeader* block, uint64_t size,
176 const VbPublicKey *key, int hash_only) { 176 const VbPublicKey *key, int hash_only) {
177 177
178 const VbSignature* sig; 178 const VbSignature* sig;
179 179
180 /* Sanity checks before attempting signature of data */ 180 /* Sanity checks before attempting signature of data */
181 if(size < sizeof(VbKeyBlockHeader)) {
182 VBDEBUG(("Not enough space for key block header.\n"));
183 return VBOOT_KEY_BLOCK_INVALID;
184 }
181 if (SafeMemcmp(block->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE)) { 185 if (SafeMemcmp(block->magic, KEY_BLOCK_MAGIC, KEY_BLOCK_MAGIC_SIZE)) {
182 VBDEBUG(("Not a valid verified boot key block.\n")); 186 VBDEBUG(("Not a valid verified boot key block.\n"));
183 return VBOOT_KEY_BLOCK_INVALID; 187 return VBOOT_KEY_BLOCK_INVALID;
184 } 188 }
185 if (block->header_version_major != KEY_BLOCK_HEADER_VERSION_MAJOR) { 189 if (block->header_version_major != KEY_BLOCK_HEADER_VERSION_MAJOR) {
186 VBDEBUG(("Incompatible key block header version.\n")); 190 VBDEBUG(("Incompatible key block header version.\n"));
187 return VBOOT_KEY_BLOCK_INVALID; 191 return VBOOT_KEY_BLOCK_INVALID;
188 } 192 }
189 if (size < block->key_block_size) { 193 if (size < block->key_block_size) {
190 VBDEBUG(("Not enough data for key block.\n")); 194 VBDEBUG(("Not enough data for key block.\n"));
(...skipping 94 matching lines...) Expand 10 before | Expand all | Expand 10 after
285 return VBOOT_SUCCESS; 289 return VBOOT_SUCCESS;
286 } 290 }
287 291
288 292
289 int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble, 293 int VerifyFirmwarePreamble(const VbFirmwarePreambleHeader* preamble,
290 uint64_t size, const RSAPublicKey* key) { 294 uint64_t size, const RSAPublicKey* key) {
291 295
292 const VbSignature* sig = &preamble->preamble_signature; 296 const VbSignature* sig = &preamble->preamble_signature;
293 297
294 /* Sanity checks before attempting signature of data */ 298 /* Sanity checks before attempting signature of data */
299 if(size < sizeof(VbFirmwarePreambleHeader)) {
300 VBDEBUG(("Not enough data for preamble header.\n"));
301 return VBOOT_PREAMBLE_INVALID;
302 }
295 if (preamble->header_version_major != 303 if (preamble->header_version_major !=
296 FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) { 304 FIRMWARE_PREAMBLE_HEADER_VERSION_MAJOR) {
297 VBDEBUG(("Incompatible firmware preamble header version.\n")); 305 VBDEBUG(("Incompatible firmware preamble header version.\n"));
298 return VBOOT_PREAMBLE_INVALID; 306 return VBOOT_PREAMBLE_INVALID;
299 } 307 }
300 if (size < preamble->preamble_size) { 308 if (size < preamble->preamble_size) {
301 VBDEBUG(("Not enough data for preamble.\n")); 309 VBDEBUG(("Not enough data for preamble.\n"));
302 return VBOOT_PREAMBLE_INVALID; 310 return VBOOT_PREAMBLE_INVALID;
303 } 311 }
304 312
(...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after
343 return VBOOT_SUCCESS; 351 return VBOOT_SUCCESS;
344 } 352 }
345 353
346 354
347 int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble, 355 int VerifyKernelPreamble(const VbKernelPreambleHeader* preamble,
348 uint64_t size, const RSAPublicKey* key) { 356 uint64_t size, const RSAPublicKey* key) {
349 357
350 const VbSignature* sig = &preamble->preamble_signature; 358 const VbSignature* sig = &preamble->preamble_signature;
351 359
352 /* Sanity checks before attempting signature of data */ 360 /* Sanity checks before attempting signature of data */
361 if(size < sizeof(VbKernelPreambleHeader)) {
362 VBDEBUG(("Not enough data for preamble header.\n"));
363 return VBOOT_PREAMBLE_INVALID;
364 }
353 if (preamble->header_version_major != KERNEL_PREAMBLE_HEADER_VERSION_MAJOR) { 365 if (preamble->header_version_major != KERNEL_PREAMBLE_HEADER_VERSION_MAJOR) {
354 VBDEBUG(("Incompatible kernel preamble header version.\n")); 366 VBDEBUG(("Incompatible kernel preamble header version.\n"));
355 return VBOOT_PREAMBLE_INVALID; 367 return VBOOT_PREAMBLE_INVALID;
356 } 368 }
357 if (size < preamble->preamble_size) { 369 if (size < preamble->preamble_size) {
358 VBDEBUG(("Not enough data for preamble.\n")); 370 VBDEBUG(("Not enough data for preamble.\n"));
359 return VBOOT_PREAMBLE_INVALID; 371 return VBOOT_PREAMBLE_INVALID;
360 } 372 }
361 373
362 /* Check signature */ 374 /* Check signature */
(...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after
450 return VBOOT_SHARED_DATA_INVALID; 462 return VBOOT_SHARED_DATA_INVALID;
451 header->kernel_subkey_data_size = src->key_size; 463 header->kernel_subkey_data_size = src->key_size;
452 } 464 }
453 465
454 /* Copy the kernel sign key blob into the destination buffer */ 466 /* Copy the kernel sign key blob into the destination buffer */
455 PublicKeyInit(kdest, (uint8_t*)header + header->kernel_subkey_data_offset, 467 PublicKeyInit(kdest, (uint8_t*)header + header->kernel_subkey_data_offset,
456 header->kernel_subkey_data_size); 468 header->kernel_subkey_data_size);
457 469
458 return PublicKeyCopy(kdest, src); 470 return PublicKeyCopy(kdest, src);
459 } 471 }
OLDNEW
« no previous file with comments | « no previous file | no next file » | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698