[coreboot-gerrit] Patch set updated for coreboot: 121e4b6 cbfstool: check potential microcode update earlier

Stefan Reinauer (stefan.reinauer@coreboot.org) gerrit at coreboot.org
Wed Nov 20 01:51:21 CET 2013

Stefan Reinauer (stefan.reinauer at coreboot.org) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/4161


commit 121e4b633024411a06dbfd6f819b46a9b74e5118
Author: Aaron Durbin <adurbin at chromium.org>
Date:   Tue May 7 11:14:01 2013 -0500

    cbfstool: check potential microcode update earlier
    The update-fit command takes in a parameter for number of slots
    in the FIT table. It then processes the microcobe blob in cbfs
    adding those entries to the FIT table. However, the tracking of
    the number of mircocode updates was incremented before validating
    the update. Therefore, move the sanity checking before an increment
    of the number of updates.
    Change-Id: Ie8290f53316b251e500b88829fdcf9b5735c1b0e
    Signed-off-by: Aaron Durbin <adurbin at chromium.org>
    Reviewed-on: https://gerrit.chromium.org/gerrit/50319
    Reviewed-by: Duncan Laurie <dlaurie at chromium.org>
 util/cbfstool/fit.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/util/cbfstool/fit.c b/util/cbfstool/fit.c
index 12a7e3b..02cfaee 100644
--- a/util/cbfstool/fit.c
+++ b/util/cbfstool/fit.c
@@ -206,6 +206,10 @@ static int parse_microcode_blob(struct cbfs_image *image,
 		mcu_header = rom_buffer_pointer(image, current_offset);
+		/* Quickly sanity check a prospective microcode update. */
+		if (mcu_header->total_size < sizeof(*mcu_header))
+			break;
 		/* FIXME: Should the checksum be validated? */
 		mcus[num_mcus].offset = current_offset;
 		mcus[num_mcus].size = mcu_header->total_size;
@@ -215,10 +219,6 @@ static int parse_microcode_blob(struct cbfs_image *image,
 		file_length -= mcus[num_mcus].size;
-		/* Can't determine any more entries. */
-		if (!mcu_header->total_size)
-			break;
 		/* Reached limit of FIT entries. */
 		if (num_mcus == *total_mcus)

More information about the coreboot-gerrit mailing list