Attention is currently required from: Furquan Shaikh, Angel Pons.
Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/41121 )
Change subject: cbfstool: Support CONFIG_CBFS_VERIFICATION and metadata hash anchor
......................................................................
Patch Set 21:
(1 comment)
File util/cbfstool/cbfs_glue.h:
https://review.coreboot.org/c/coreboot/+/41121/comment/368aaad0_13a4eb64
PS21, Line 15: buffer_size(&dev->buffer) - offset < size)
AFAIUI, this check is to ensure `dev->buffer` is large enough to read `size` bytes at `offset`. […]
Yes, it's essentially the same thing, but it's written slightly more complicated to be overflow-safe. In your example, if (offset + size) was larger than the max value that can fit in size_t, the check might not catch it.
Granted, for cbfstool this is less likely to be an issue, but it doesn't hurt to be careful.
--
To view, visit
https://review.coreboot.org/c/coreboot/+/41121
To unsubscribe, or for help writing mail filters, visit
https://review.coreboot.org/settings
Gerrit-Project: coreboot
Gerrit-Branch: master
Gerrit-Change-Id: I61a84add8654f60c683ef213b844a11b145a5cb7
Gerrit-Change-Number: 41121
Gerrit-PatchSet: 21
Gerrit-Owner: Julius Werner
jwerner@chromium.org
Gerrit-Reviewer: Aaron Durbin
adurbin@chromium.org
Gerrit-Reviewer: Furquan Shaikh
furquan@google.com
Gerrit-Reviewer: Martin Roth
martinroth@google.com
Gerrit-Reviewer: Patrick Georgi
pgeorgi@google.com
Gerrit-Reviewer: build bot (Jenkins)
no-reply@coreboot.org
Gerrit-CC: Angel Pons
th3fanbus@gmail.com
Gerrit-CC: Paul Menzel
paulepanter@users.sourceforge.net
Gerrit-Attention: Furquan Shaikh
furquan@google.com
Gerrit-Attention: Angel Pons
th3fanbus@gmail.com
Gerrit-Comment-Date: Tue, 09 Feb 2021 01:44:27 +0000
Gerrit-HasComments: Yes
Gerrit-Has-Labels: No
Comment-In-Reply-To: Angel Pons
th3fanbus@gmail.com
Gerrit-MessageType: comment
