[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Qemu-stable] [PATCH 2/5] multiboot: Check validity of mh_header_addr
|
From: |
Kevin Wolf |
|
Subject: |
[Qemu-stable] [PATCH 2/5] multiboot: Check validity of mh_header_addr |
|
Date: |
Wed, 14 Mar 2018 18:32:10 +0100 |
I couldn't find a case where this prevents something bad from happening
that isn't already caught by other checks, but let's err on the safe
side and check that mh_header_addr is as expected.
Signed-off-by: Kevin Wolf <address@hidden>
---
hw/i386/multiboot.c | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/hw/i386/multiboot.c b/hw/i386/multiboot.c
index 1e215bf8d3..5bc0a2cddb 100644
--- a/hw/i386/multiboot.c
+++ b/hw/i386/multiboot.c
@@ -229,6 +229,10 @@ int load_multiboot(FWCfgState *fw_cfg,
error_report("invalid load_addr address");
exit(1);
}
+ if (mh_header_addr - mh_load_addr > i) {
+ error_report("invalid header_addr address");
+ exit(1);
+ }
uint32_t mb_kernel_text_offset = i - (mh_header_addr - mh_load_addr);
uint32_t mb_load_size = 0;
--
2.13.6
[Qemu-stable] [PATCH 2/5] multiboot: Check validity of mh_header_addr,
Kevin Wolf <=
[Qemu-stable] [PATCH 3/5] tests/multiboot: Test exit code for every qemu run, Kevin Wolf, 2018/03/14
[Qemu-stable] [PATCH 5/5] tests/multiboot: Add .gitignore, Kevin Wolf, 2018/03/14
[Qemu-stable] [PATCH 4/5] tests/multiboot: Add tests for the a.out kludge, Kevin Wolf, 2018/03/14
Re: [Qemu-stable] [PATCH 0/5] multiboot: Fix buffer overflow on invalid kernels, Jack Schwartz, 2018/03/15