From: Troy Kisky <troy.kisky@boundarydevices.com>
To: u-boot@lists.denx.de
Subject: [U-Boot] [PATCH V2 02/21] imximage: check dcd_len as entries added
Date: Mon, 24 Sep 2012 13:54:37 -0700 [thread overview]
Message-ID: <5060C88D.3070507@boundarydevices.com> (raw)
In-Reply-To: <505EECE6.6060508@denx.de>
On 9/23/2012 4:05 AM, Stefano Babic wrote:
> On 22/09/2012 04:38, Troy Kisky wrote:
>> Before the len was checked after the entire file
>> was processed, so it could have already overflowed.
>>
> Hi Troy,
>
>> Signed-off-by: Troy Kisky <troy.kisky@boundarydevices.com>
>> ---
>> tools/imximage.c | 26 +++++++++++---------------
>> 1 file changed, 11 insertions(+), 15 deletions(-)
>>
>> diff --git a/tools/imximage.c b/tools/imximage.c
>> index 25d3b74..0bfbec3 100644
>> --- a/tools/imximage.c
>> +++ b/tools/imximage.c
>> @@ -71,6 +71,7 @@ static set_dcd_val_t set_dcd_val;
>> static set_dcd_rst_t set_dcd_rst;
>> static set_imx_hdr_t set_imx_hdr;
>> static set_imx_size_t set_imx_size;
>> +static uint32_t max_dcd_entries;
>> static uint32_t g_flash_offset;
>>
>> static struct image_type_params imximage_params;
>> @@ -173,13 +174,6 @@ static void set_dcd_rst_v1(struct imx_header *imxhdr, uint32_t dcd_len,
>> {
>> dcd_v1_t *dcd_v1 = &imxhdr->header.hdr_v1.dcd_table;
>>
>> - if (dcd_len > MAX_HW_CFG_SIZE_V1) {
>> - fprintf(stderr, "Error: %s[%d] -"
>> - "DCD table exceeds maximum size(%d)\n",
>> - name, lineno, MAX_HW_CFG_SIZE_V1);
>> - exit(EXIT_FAILURE);
>> - }
>> -
>> dcd_v1->preamble.barker = DCD_BARKER;
>> dcd_v1->preamble.length = dcd_len * sizeof(dcd_type_addr_data_t);
>> }
>> @@ -193,13 +187,6 @@ static void set_dcd_rst_v2(struct imx_header *imxhdr, uint32_t dcd_len,
>> {
>> dcd_v2_t *dcd_v2 = &imxhdr->header.hdr_v2.dcd_table;
>>
>> - if (dcd_len > MAX_HW_CFG_SIZE_V2) {
>> - fprintf(stderr, "Error: %s[%d] -"
>> - "DCD table exceeds maximum size(%d)\n",
>> - name, lineno, MAX_HW_CFG_SIZE_V2);
>> - exit(EXIT_FAILURE);
>> - }
>> -
>> dcd_v2->header.tag = DCD_HEADER_TAG;
>> dcd_v2->header.length = cpu_to_be16(
>> dcd_len * sizeof(dcd_addr_data_t) + 8);
>> @@ -293,12 +280,14 @@ static void set_hdr_func(struct imx_header *imxhdr)
>> set_dcd_rst = set_dcd_rst_v1;
>> set_imx_hdr = set_imx_hdr_v1;
>> set_imx_size = set_imx_size_v1;
>> + max_dcd_entries = MAX_HW_CFG_SIZE_V1;
>> break;
>> case IMXIMAGE_V2:
>> set_dcd_val = set_dcd_val_v2;
>> set_dcd_rst = set_dcd_rst_v2;
>> set_imx_hdr = set_imx_hdr_v2;
>> set_imx_size = set_imx_size_v2;
>> + max_dcd_entries = MAX_HW_CFG_SIZE_V2;
>> break;
>> default:
>> err_imximage_version(imximage_version);
>> @@ -425,8 +414,15 @@ static void parse_cfg_fld(struct imx_header *imxhdr, int32_t *cmd,
>> value = get_cfg_value(token, name, lineno);
>> (*set_dcd_val)(imxhdr, name, lineno, fld, value, *dcd_len);
>>
>> - if (fld == CFG_REG_VALUE)
>> + if (fld == CFG_REG_VALUE) {
>> (*dcd_len)++;
>> + if (*dcd_len > max_dcd_entries) {
>> + fprintf(stderr, "Error: %s[%d] -"
>> + "DCD table exceeds maximum size(%d)\n",
>> + name, lineno, max_dcd_entries);
>> + exit(EXIT_FAILURE);
>> + }
>> + }
>> break;
>> default:
>> break;
>>
> This patch seems to me unrelated to the rest, and fixes the case when
> too much DCD entries are put into the imximage.cfg file. What about to
> rebase it on the current code and post it as separate patch ? I think
> this can be merged directly, also in the current realease.
>
> Best regards,
> Stefano Babic
>
It is a fix, but for a bug that has never happened. So I think it is
very low priority.
But I can reorder the patches so that this is the 1st in the series, in case
the other patches are never accepted.
I don't think it belongs in the current release.
Troy
next prev parent reply other threads:[~2012-09-24 20:54 UTC|newest]
Thread overview: 202+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-09-19 0:02 [U-Boot] (no subject) Troy Kisky
2012-09-19 0:02 ` [U-Boot] [PATCH 01/11] imximage: make header variable length Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 02/11] imximage: check dcd_len as entries added Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 03/11] imximage: enable word writes for version2 header Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 04/11] imximage: cleanup parsing Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 05/11] imximage: add expression evaluation Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 06/11] imximage: add plugin commands Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 07/11] imximage.cfg: run files through C preprocessor Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 08/11] mx6: add plugin file for use with imximage.cfg Troy Kisky
2012-09-19 1:40 ` Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 09/11] mx6qsabrelite: imximage.cfg: use symbols instead of hardcoded constants Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 10/11] mx6qsabrelite: imximage.cfg: allow plugin to work Troy Kisky
2012-09-19 0:03 ` [U-Boot] [PATCH 11/11] RFC mx6qsabrelite: imximage.cfg: enable plugin mode Troy Kisky
2012-09-19 1:52 ` Troy Kisky
2012-09-22 2:38 ` [U-Boot] [PATCH V2 00/21] Add mx6solo/mx6duallite support Troy Kisky
2012-09-22 2:38 ` [U-Boot] [PATCH V2 01/21] imximage: make header variable length Troy Kisky
2012-09-23 10:57 ` Stefano Babic
2012-09-24 20:30 ` Troy Kisky
2012-09-25 11:08 ` Stefano Babic
2012-09-22 2:38 ` [U-Boot] [PATCH V2 02/21] imximage: check dcd_len as entries added Troy Kisky
2012-09-23 11:05 ` Stefano Babic
2012-09-24 20:54 ` Troy Kisky [this message]
2012-09-25 11:12 ` Stefano Babic
2012-09-22 2:39 ` [U-Boot] [PATCH V2 03/21] imximage: enable word writes for version2 header Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 04/21] imximage: cleanup parsing Troy Kisky
2012-09-23 11:08 ` Stefano Babic
2012-09-24 20:59 ` Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 05/21] imximage: add expression evaluation Troy Kisky
2012-09-23 14:56 ` Stefano Babic
2012-09-24 21:18 ` Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 06/21] imximage: add plugin commands Troy Kisky
2012-09-23 15:38 ` Stefano Babic
2012-09-24 21:46 ` Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 07/21] imximage.cfg: run files through C preprocessor Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 08/21] mx6: add plugin file for use with imximage.cfg Troy Kisky
2012-09-22 4:06 ` Vikram Narayanan
2012-09-23 10:17 ` Stefano Babic
2012-09-23 16:23 ` Eric Nelson
2012-09-23 17:08 ` Stefano Babic
2012-09-23 23:29 ` Eric Nelson
2012-09-24 7:22 ` Stefano Babic
2012-09-24 13:48 ` Eric Nelson
2012-09-24 15:17 ` Stefano Babic
2012-09-24 22:23 ` Troy Kisky
2012-09-25 12:13 ` Stefano Babic
2012-09-24 20:46 ` Troy Kisky
2012-09-25 11:57 ` Stefano Babic
2012-09-22 2:39 ` [U-Boot] [PATCH V2 09/21] mx6q_4x_mt41j128.cfg: use symbols instead of hardcoded constants Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 10/21] mx6q_4x_mt41j128.cfg: allow plugin to work Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 11/21] mx6q_4x_mt41j128.cfg: enable plugin mode Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 12/21] mx6q_4x_mt41j128.cfg: add comments Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 13/21] mx6q_4x_mt41j128.cfg: use ddr3 mode for reset Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 14/21] mx6q_4x_mt41j128.cfg: skip initiailizing non-existent memory Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 15/21] mx6q_4x_mt41j128.cfg: reorder for more efficient storage Troy Kisky
2012-09-22 17:27 ` Fabio Estevam
2012-09-22 17:34 ` Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 16/21] mx6q_4x_mt41j128.cfg: force ZQ calibration Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 17/21] mx6: soc: add get_cpu_type Troy Kisky
2012-09-22 2:50 ` Fabio Estevam
2012-09-22 17:07 ` Troy Kisky
2012-09-23 14:59 ` Stefano Babic
2012-09-22 2:39 ` [U-Boot] [PATCH V2 18/21] arch-mx6: add mx6dl_pins.h Troy Kisky
2012-09-22 4:10 ` Vikram Narayanan
2012-09-22 17:17 ` Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 19/21] mx6qsabrelite: add support for mx6 solo/duallite Troy Kisky
2012-09-22 4:12 ` Vikram Narayanan
2012-09-22 17:24 ` Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 20/21] mx6q_4x_mt41j128.cfg: add mx6 solo/duallite support Troy Kisky
2012-09-22 2:39 ` [U-Boot] [PATCH V2 21/21] mx6qsabrelite: change CONFIG_SYS_PROMPT Troy Kisky
2012-09-22 6:21 ` [U-Boot] [PATCH V2 00/21] Add mx6solo/mx6duallite support Dirk Behme
2012-09-22 16:53 ` Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 00/32] " Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 01/32] imximage: check dcd_len as entries added Troy Kisky
2012-10-20 15:45 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 02/32] imximage: remove redundant setting of app_dest_ptr Troy Kisky
2012-10-08 13:17 ` Stefano Babic
2012-10-20 15:46 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 03/32] imximage: move flash_offset check to common location Troy Kisky
2012-10-08 13:19 ` Stefano Babic
2012-10-18 18:40 ` Troy Kisky
2012-10-19 8:01 ` Stefano Babic
2012-10-20 15:46 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 04/32] imximage: fix size of image to load Troy Kisky
2012-10-20 15:47 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 05/32] imximage: delay setting of image size Troy Kisky
2012-10-20 15:47 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 06/32] imximage: change parameters to set_imx_hdr Troy Kisky
2012-10-20 15:48 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 07/32] imximage: make set_imx_hdr_v1/v2 easier to read Troy Kisky
2012-10-20 15:48 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 08/32] imximage: make header variable length Troy Kisky
2012-10-20 15:52 ` Stefano Babic
2012-10-21 1:31 ` Troy Kisky
2012-10-21 8:35 ` Stefano Babic
2012-10-22 21:03 ` Troy Kisky
2012-11-28 1:31 ` [U-Boot] [PATCH V4 00/11] imximage series Troy Kisky
2012-11-28 1:31 ` [U-Boot] [PATCH V4 01/11] imximage: mx53 needs transfer length a multiple of 512 Troy Kisky
2012-11-28 9:27 ` Wolfgang Denk
2012-11-28 18:18 ` Troy Kisky
2012-11-28 20:25 ` Wolfgang Denk
2012-11-28 21:05 ` Troy Kisky
2012-11-28 21:35 ` Wolfgang Denk
2012-11-29 2:42 ` Troy Kisky
2012-11-29 5:28 ` Wolfgang Denk
2012-12-03 9:23 ` Stefano Babic
2012-12-03 9:12 ` Stefano Babic
2012-11-28 18:26 ` Troy Kisky
2012-11-28 10:34 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 02/11] imximage: make header variable length Troy Kisky
2012-11-28 10:42 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 03/11] imximage: remove static imximage_version Troy Kisky
2012-11-28 10:43 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 04/11] imximage: prepare to move static variables to struct data_src Troy Kisky
2012-11-28 9:38 ` Wolfgang Denk
2012-11-28 18:36 ` Troy Kisky
2012-11-28 20:30 ` Wolfgang Denk
2012-11-28 1:31 ` [U-Boot] [PATCH V4 05/11] imximage: change parameters for set_dcd_val/set_imx_hdr Troy Kisky
2012-11-28 10:43 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 06/11] imximage: move set_imx_hdr to struct data_src Troy Kisky
2012-11-28 10:45 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 07/11] imximage: move set_dcd_val " Troy Kisky
2012-11-28 10:47 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 08/11] imximage: enable word writes for version2 header Troy Kisky
2012-11-28 9:39 ` Wolfgang Denk
2012-11-28 20:40 ` Troy Kisky
2012-12-04 8:23 ` Stefano Babic
2012-11-28 10:47 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 09/11] tools: add parse_helper file Troy Kisky
2012-11-28 9:41 ` Wolfgang Denk
2012-11-28 10:48 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 10/11] imximage: use parse_helper functions Troy Kisky
2012-11-28 10:48 ` Liu Hui-R64343
2012-11-28 1:31 ` [U-Boot] [PATCH V4 11/11] parse_helper: add expression evaluation Troy Kisky
2012-11-28 10:49 ` Liu Hui-R64343
2012-11-28 9:30 ` [U-Boot] [PATCH V4 00/11] imximage series Wolfgang Denk
2012-11-28 18:29 ` Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 09/32] imximage: remove static imximage_version Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 10/32] imximage: prepare to move static variables to struct data_src Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 11/32] imximage: change parameters for set_dcd_val/set_imx_hdr Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 12/32] imximage: move set_imx_hdr to struct data_src Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 13/32] imximage: move set_dcd_val " Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 14/32] imximage: enable word writes for version2 header Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 15/32] tools: add parse_helper file Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 16/32] imximage: use parse_helper functions Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 17/32] imximage.cfg: run files through C preprocessor Troy Kisky
2012-10-07 18:19 ` Eric Nelson
2012-10-08 19:11 ` Troy Kisky
2012-10-08 13:38 ` Stefano Babic
2012-10-08 21:48 ` Troy Kisky
2012-10-10 2:03 ` Troy Kisky
2012-10-11 11:11 ` Stefano Babic
2012-10-11 20:33 ` Troy Kisky
2012-10-11 22:27 ` stefano babic
2012-10-11 23:15 ` Tom Rini
2012-10-13 10:11 ` [U-Boot] File placement in Soc / board dirs and make issues (was: [PATCH V3 17/32] imximage.cfg: run files through C preprocessor) Albert ARIBAUD
2012-10-13 15:17 ` Tom Rini
2012-10-14 8:37 ` [U-Boot] File placement in Soc / board dirs and make issues Albert ARIBAUD
2012-10-15 1:24 ` Tom Rini
2012-10-23 6:30 ` Albert ARIBAUD
2012-10-17 20:32 ` [U-Boot] [PATCH V3 17/32] imximage.cfg: run files through C preprocessor Troy Kisky
2012-10-17 21:05 ` Tom Rini
2012-10-17 21:38 ` Troy Kisky
2012-10-17 22:29 ` Tom Rini
2012-10-04 1:47 ` [U-Boot] [PATCH V3 18/32] mx6q_4x_mt41j128.cfg: use symbols instead of hardcoded constants Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 19/32] mx6q_4x_mt41j128.cfg: add comments Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 20/32] mx6q_4x_mt41j128.cfg: use ddr3 mode for reset Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 21/32] mx6q_4x_mt41j128.cfg: skip initiailizing non-existent memory Troy Kisky
2012-10-07 21:01 ` Eric Nelson
2012-10-04 1:47 ` [U-Boot] [PATCH V3 22/32] mx6q_4x_mt41j128.cfg: force ZQ calibration Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 23/32] mx6: soc: update get_cpu_rev and get_imx_type for mx6solo/sololite Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 24/32] mx6: use CONFIG_MX6 instead of CONFIG_MX6Q Troy Kisky
2012-10-08 13:41 ` Stefano Babic
2012-10-08 21:49 ` Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 25/32] imx-common: cpu: add imx_ddr_size Troy Kisky
2012-10-08 13:06 ` Stefano Babic
2012-10-08 21:35 ` Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 26/32] arch-mx6: add mx6dl_pins.h Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 27/32] mx6qsabrelite: add support for mx6 solo/duallite Troy Kisky
2012-10-04 3:23 ` Otavio Salvador
2012-10-04 23:34 ` Troy Kisky
2012-10-08 13:47 ` Stefano Babic
2012-10-04 1:47 ` [U-Boot] [PATCH V3 28/32] mx6q_4x_mt41j128.cfg: add mx6 solo/duallite support Troy Kisky
2012-10-08 18:46 ` Eric Nelson
2012-10-08 21:08 ` Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 29/32] Add boards for sabrelite variants mx6s(solo) and mx6dl(duallite) Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 30/32] mx6qsabrelite: change CONFIG_SYS_PROMPT Troy Kisky
2012-10-04 3:00 ` Otavio Salvador
2012-10-04 23:28 ` Troy Kisky
2012-10-08 13:54 ` Stefano Babic
2012-10-08 21:58 ` Troy Kisky
2012-10-08 22:05 ` Fabio Estevam
2012-10-08 22:18 ` stefano babic
2012-10-08 22:22 ` Eric Nelson
2012-10-08 22:21 ` Eric Nelson
2012-10-04 1:47 ` [U-Boot] [PATCH V3 31/32] parse_helper: add expression evaluation Troy Kisky
2012-10-04 1:47 ` [U-Boot] [PATCH V3 32/32] imx-mkimage.h: use base + offset syntax Troy Kisky
2012-10-04 10:18 ` [U-Boot] [PATCH V3 00/32] Add mx6solo/mx6duallite support Albert ARIBAUD
2012-10-04 14:36 ` Eric Nelson
2012-10-04 19:51 ` Albert ARIBAUD
2012-10-04 14:52 ` Eric Nelson
2012-10-08 13:15 ` Stefano Babic
2012-10-08 23:58 ` Troy Kisky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5060C88D.3070507@boundarydevices.com \
--to=troy.kisky@boundarydevices.com \
--cc=u-boot@lists.denx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox