Julius Werner has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/39033 )
Change subject: libpayload: Fix out-of-bounds read
......................................................................
Patch Set 4:
> In this case, I was curious about coreboot and its secure boot implementation. Big fan of having easily auditable open source firmware!
Note that the core of the secure boot stuff is implemented in the separate "vboot" project, which is hosted at https://chromium.googlesource.com/chromiumos/platform/vboot_reference and checked out as a submodule under 3rdparty/vboot in your coreboot tree. It has a cleanly delimited API which might make it easier to analyze. Always appreciate extra eyes and analyzers on our code! (And if you do find something that's actually security-relevant, note that it might qualify for the rewards program at https://www.google.com/about/appsecurity/chrome-rewards/index.html.)