Patrick Georgi has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/31564 )
Change subject: libpayload: cbfs: Check decompressed size when loading files ......................................................................
libpayload: cbfs: Check decompressed size when loading files
After loading compressed files in CBFS, we should check the decompressed size is equal to the expected size. This might help us detect file content corruption or compressor/decompressor bugs.
BUG=none BRANCH=none TEST=manually (we can still boot into kernel on Kukui, and verify that loading files from CBFS still works by seeing ChromiumOS firmware screen).
Change-Id: Ia756cc5477670dd0d1d8aa59d4160ab4233c6795 Signed-off-by: You-Cheng Syu youcheng@google.com Reviewed-on: https://review.coreboot.org/c/31564 Reviewed-by: Julius Werner jwerner@chromium.org Reviewed-by: Daisuke Nojiri dnojiri@chromium.org Tested-by: build bot (Jenkins) no-reply@coreboot.org --- M payloads/libpayload/libcbfs/cbfs_core.c 1 file changed, 11 insertions(+), 9 deletions(-)
Approvals: build bot (Jenkins): Verified Julius Werner: Looks good to me, approved Daisuke Nojiri: Looks good to me, approved
diff --git a/payloads/libpayload/libcbfs/cbfs_core.c b/payloads/libpayload/libcbfs/cbfs_core.c index 4ecda30..39bbdb5 100644 --- a/payloads/libpayload/libcbfs/cbfs_core.c +++ b/payloads/libpayload/libcbfs/cbfs_core.c @@ -243,12 +243,9 @@ }
if (algo == CBFS_COMPRESS_NONE) { - if (limit != 0 && limit < on_media_size) { - *size = limit; + if (limit != 0 && limit < on_media_size) on_media_size = limit; - } else { - *size = on_media_size; - } + *size = on_media_size; }
void *data = m->map(m, handle->media_offset + handle->content_offset, @@ -257,10 +254,15 @@ return NULL;
ret = malloc(*size); - if (ret != NULL && - !cbfs_decompress(algo, data, on_media_size, ret, *size)) { - free(ret); - ret = NULL; + if (ret != NULL) { + size_t final_size = cbfs_decompress(algo, data, on_media_size, + ret, *size); + if (final_size != *size) { + ERROR("Expect %zu bytes but got %zu bytes after " + "decompression.\n", *size, final_size); + free(ret); + ret = NULL; + } }
m->unmap(m, data);