From: Pali Rohár Date: Thu, 23 Mar 2023 19:57:54 +0000 (+0100) Subject: tools: kwboot: Fix sending very small images X-Git-Url: http://git.dujemihanovic.xyz/login.html?a=commitdiff_plain;h=bb949e1da02b1744645e0c3a46fe9c2a67197fe8;p=u-boot.git tools: kwboot: Fix sending very small images Sending of very small images (smaller than 128 bytes = xmodem block size) cause out-of-bound memory read access. Fix this issue by ensuring that hdrsz when sending image is not larger than total size of the image. Issue was introduced in commit f8017c37799c ("tools: kwboot: Fix sending Kirkwood v0 images"). Special case when total image is smaller than header size aligned to multiply of xmodem size is already handled since that commit. Fixes: f8017c37799c ("tools: kwboot: Fix sending Kirkwood v0 images") Signed-off-by: Pali Rohár Reviewed-by: Stefan Roese --- diff --git a/tools/kwboot.c b/tools/kwboot.c index 61a9c3065a..dc69063600 100644 --- a/tools/kwboot.c +++ b/tools/kwboot.c @@ -1455,6 +1455,8 @@ kwboot_xmodem(int tty, const void *_img, size_t size, int baudrate) * followed by the header. So align header size to xmodem block size. */ hdrsz += (KWBOOT_XM_BLKSZ - hdrsz % KWBOOT_XM_BLKSZ) % KWBOOT_XM_BLKSZ; + if (hdrsz > size) + hdrsz = size; pnum = 1;