proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2025-08-08 10:54:41 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

trivial: Fix a fuzzing crash for a corrupt IFD image

Browse Source 
Sanity check the alignment so we do not write gigabytes of 0xFF's.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=39982
This commit is contained in:
Richard Hughes 2021-10-15 19:20:11 +01:00
parent 4c5d00886a
commit 9c7939dae3
2 changed files with 20 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
libfwupdplugin/fu-efi-firmware-file.c
View File

@ -291,6 +291,16 @@ fu_efi_firmware_file_write_sections(FuFirmware *firmware, GError **error)
g_autoptr(GPtrArray) images = fu_firmware_get_images(firmware);
g_autoptr(GByteArray) buf = g_byte_array_new();
/* sanity check */
if (fu_firmware_get_alignment(firmware) > FU_FIRMWARE_ALIGNMENT_1M) {
g_set_error(error,
FWUPD_ERROR,
FWUPD_ERROR_INVALID_FILE,
"alignment invalid, got 0x%02x",
fu_firmware_get_alignment(firmware));
return NULL;
}
/* no sections defined */
if (images->len == 0)
return fu_firmware_get_bytes(firmware, error);

10
libfwupdplugin/fu-efi-firmware-filesystem.c
View File

@ -72,6 +72,16 @@ fu_efi_firmware_filesystem_write(FuFirmware *firmware, GError **error)
g_autoptr(GByteArray) buf = g_byte_array_new();
g_autoptr(GPtrArray) images = fu_firmware_get_images(firmware);
/* sanity check */
if (fu_firmware_get_alignment(firmware) > FU_FIRMWARE_ALIGNMENT_1M) {
g_set_error(error,
FWUPD_ERROR,
FWUPD_ERROR_INVALID_FILE,
"alignment invalid, got 0x%02x",
fu_firmware_get_alignment(firmware));
return NULL;
}
/* add each file */
for (guint i = 0; i < images->len; i++) {
FuFirmware *img = g_ptr_array_index(images, i);