Florian Zumbiehl just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/369
-gerrit
commit f07282efab87037a54cf0f48c0ab835cbbd39efe Author: Florian Zumbiehl florz@florz.de Date: Tue Nov 1 20:17:11 2011 +0100
don't scan beyond end of CBFS
Change-Id: I66e535f77e513dbfa5fc906ecf288193af78ae62 Signed-off-by: Florian Zumbiehl florz@florz.de --- payloads/libpayload/libcbfs/cbfs_core.c | 3 ++- src/lib/cbfs_core.c | 3 ++- 2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/payloads/libpayload/libcbfs/cbfs_core.c b/payloads/libpayload/libcbfs/cbfs_core.c index 596fa3f..4bf755b 100644 --- a/payloads/libpayload/libcbfs/cbfs_core.c +++ b/payloads/libpayload/libcbfs/cbfs_core.c @@ -97,6 +97,7 @@ struct cbfs_file *cbfs_find(const char *name) data = (void*)phys_to_virt(romstart()) + ntohl(header->offset); dataend = (void*)phys_to_virt(romstart()) + ntohl(header->romsize); } + dataend -= ntohl(header->bootblocksize);
int align = ntohl(header->align);
@@ -106,7 +107,7 @@ struct cbfs_file *cbfs_find(const char *name) if (memcmp(CBFS_FILE_MAGIC, file->magic, strlen(CBFS_FILE_MAGIC)) != 0) { // no file header found. corruption? // proceed in aligned steps to resynchronize - LOG("No file header found at %p, searching for header\n", data); + LOG("ERROR: No file header found at %p, attempting to recover by searching for header\n", data); data = phys_to_virt(CBFS_ALIGN_UP(virt_to_phys(data), align)); continue; } diff --git a/src/lib/cbfs_core.c b/src/lib/cbfs_core.c index 596fa3f..4bf755b 100644 --- a/src/lib/cbfs_core.c +++ b/src/lib/cbfs_core.c @@ -97,6 +97,7 @@ struct cbfs_file *cbfs_find(const char *name) data = (void*)phys_to_virt(romstart()) + ntohl(header->offset); dataend = (void*)phys_to_virt(romstart()) + ntohl(header->romsize); } + dataend -= ntohl(header->bootblocksize);
int align = ntohl(header->align);
@@ -106,7 +107,7 @@ struct cbfs_file *cbfs_find(const char *name) if (memcmp(CBFS_FILE_MAGIC, file->magic, strlen(CBFS_FILE_MAGIC)) != 0) { // no file header found. corruption? // proceed in aligned steps to resynchronize - LOG("No file header found at %p, searching for header\n", data); + LOG("ERROR: No file header found at %p, attempting to recover by searching for header\n", data); data = phys_to_virt(CBFS_ALIGN_UP(virt_to_phys(data), align)); continue; }