Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/34535 )
Change subject: lib: Throw an error when ramdisk is present but initrd.size is 0
......................................................................
Patch Set 10: Code-Review+1
(1 comment)
https://review.coreboot.org/c/coreboot/+/34535/10/src/lib/fit_payload.c
File src/lib/fit_payload.c:
https://review.coreboot.org/c/coreboot/+/34535/10/src/lib/fit_payload.c@78
PS10, Line 78: memcpy(dst, node->data, node->size);
This could result in a buffer overflow if region->size < node->size. […]
I don't see how this would result in an error? true_size would still be non-zero, even if you didn't copy enough.
It shouldn't really be possible for region->size to be smaller than node->size here. If you want a check, I'd just use assert().
--
To view, visit
https://review.coreboot.org/c/coreboot/+/34535
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I85aa33d2c2846b6b3a58df834dda18c47433257d
Gerrit-Change-Number: 34535
Gerrit-PatchSet: 10
Gerrit-Owner: Asami Doi
d0iasm.pub@gmail.com
Gerrit-Reviewer: Asami Doi
d0iasm.pub@gmail.com
Gerrit-Reviewer: Julius Werner
jwerner@chromium.org
Gerrit-Reviewer: Patrick Georgi
pgeorgi@google.com
Gerrit-Reviewer: Patrick Rudolph
patrick.rudolph@9elements.com
Gerrit-Reviewer: Raul Rangel
rrangel@chromium.org
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Paul Menzel
paulepanter@users.sourceforge.net
Gerrit-Comment-Date: Tue, 30 Jul 2019 19:20:07 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: Yes
Comment-In-Reply-To: Raul Rangel
rrangel@chromium.org
Gerrit-MessageType: comment