[coreboot-gerrit] New patch to review for coreboot: 7cac149 LZMA: Add a version of ulzma which takes the input and output buffer sizes.

Isaac Christensen (isaac.christensen@se-eng.com) gerrit at coreboot.org
Tue Jul 29 22:15:51 CEST 2014 

Isaac Christensen (isaac.christensen at se-eng.com) just uploaded a new patch set to gerrit, which you can find at http://review.coreboot.org/6408

-gerrit

commit 7cac149531cfceff4a6087fcdf1db1c8c56dab2c
Author: Gabe Black <gabeblack at google.com>
Date:   Sat Aug 10 09:35:56 2013 -0700

    LZMA: Add a version of ulzma which takes the input and output buffer sizes.
    
    This version is used to implement the version which doesn't.
    
    Old-Change-Id: I8935024aca0849bc939263d7fc3036c586e63c68
    Signed-off-by: Gabe Black <gabeblack at google.com>
    Reviewed-on: https://gerrit.chromium.org/gerrit/65510
    Reviewed-by: Kees Cook <keescook at chromium.org>
    Reviewed-by: Stefan Reinauer <reinauer at google.com>
    Tested-by: Gabe Black <gabeblack at chromium.org>
    Commit-Queue: Gabe Black <gabeblack at chromium.org>
    (cherry picked from commit 465d167ad2f6a67d0b2c91fb6c68c8f9a09dd395)
    
    libpayload: Make lzma truncation non-fatal.
    
    If the size the lzma header claims it needs is bigger than the space we have,
    print a message and continue rather than erroring out. Apparently the encoder
    is lazy sometimes and just puts a large value there regardless of what the
    actual size is.
    
    This was the original intention for this code, but an outdated version of the
    patch ended up being submitted.
    
    Old-Change-Id: Ibcf7ac0fd4b65ce85377421a4ee67b82d92d29d3
    Signed-off-by: Gabe Black <gabeblack at google.com>
    Reviewed-on: https://gerrit.chromium.org/gerrit/66235
    Reviewed-by: Stefan Reinauer <reinauer at google.com>
    Commit-Queue: Gabe Black <gabeblack at chromium.org>
    Tested-by: Gabe Black <gabeblack at chromium.org>
    (cherry picked from commit 30c628eeada274fc8b94f8f69f9df4f33cbfc773)
    
    Squashed two related commits.
    
    Change-Id: I484b5c1e3809781033d146609a35a9e5e666c8ed
    Signed-off-by: Isaac Christensen <isaac.christensen at se-eng.com>
---
 payloads/libpayload/include/lzma.h | 12 ++++++++++--
 payloads/libpayload/liblzma/lzma.c | 18 ++++++++++++++----
 2 files changed, 24 insertions(+), 6 deletions(-)

diff --git a/payloads/libpayload/include/lzma.h b/payloads/libpayload/include/lzma.h
index 818c16d..523bc8c 100644
--- a/payloads/libpayload/include/lzma.h
+++ b/payloads/libpayload/include/lzma.h
@@ -30,10 +30,18 @@
 #ifndef _LZMA_H
 #define _LZMA_H
 
-/* decompresses the data stream at src to dst, determining its length from
+/* Decompresses the data stream at src to dst. The sizes of the source and
+ * destination buffers are in srcn and dstn.
+ *
+ * Returns the decompressed size, or 0 on error
+ */
+unsigned long ulzman(const unsigned char *src, unsigned long srcn,
+		     unsigned char *dst, unsigned long dstn);
+
+/* Decompresses the data stream at src to dst, determining its length from
  * the data stream itself.
  *
- * returns the decompressed size, or 0 on error
+ * Returns the decompressed size, or 0 on error
  */
 unsigned long ulzma(const unsigned char *src, unsigned char *dst);
 
diff --git a/payloads/libpayload/liblzma/lzma.c b/payloads/libpayload/liblzma/lzma.c
index 0b97213..23c9562 100644
--- a/payloads/libpayload/liblzma/lzma.c
+++ b/payloads/libpayload/liblzma/lzma.c
@@ -14,9 +14,11 @@
 #include <string.h>
 #include "lzmadecode.c"
 
-unsigned long ulzma(const unsigned char * src, unsigned char * dst)
+unsigned long ulzman(const unsigned char *src, unsigned long srcn,
+		     unsigned char *dst, unsigned long dstn)
 {
 	unsigned char properties[LZMA_PROPERTIES_SIZE];
+	const int data_offset = LZMA_PROPERTIES_SIZE + 8;
 	UInt32 outSize;
 	SizeT inProcessed;
 	SizeT outProcessed;
@@ -27,7 +29,10 @@ unsigned long ulzma(const unsigned char * src, unsigned char * dst)
 
 	memcpy(properties, src, LZMA_PROPERTIES_SIZE);
 	memcpy(&outSize, src + LZMA_PROPERTIES_SIZE, sizeof(outSize));
-	if (LzmaDecodeProperties(&state.Properties, properties, LZMA_PROPERTIES_SIZE) != LZMA_RESULT_OK) {
+	if (outSize > dstn)
+		outSize = dstn;
+	if (LzmaDecodeProperties(&state.Properties, properties,
+				 LZMA_PROPERTIES_SIZE) != LZMA_RESULT_OK) {
 		printf("lzma: Incorrect stream properties.\n");
 		return 0;
 	}
@@ -37,11 +42,16 @@ unsigned long ulzma(const unsigned char * src, unsigned char * dst)
 		return 0;
 	}
 	state.Probs = (CProb *)scratchpad;
-	res = LzmaDecode(&state, src + LZMA_PROPERTIES_SIZE + 8, (SizeT)0xffffffff, &inProcessed,
-		dst, outSize, &outProcessed);
+	res = LzmaDecode(&state, src + data_offset, srcn - data_offset,
+			 &inProcessed, dst, outSize, &outProcessed);
 	if (res != 0) {
 		printf("lzma: Decoding error = %d\n", res);
 		return 0;
 	}
 	return outSize;
 }
+
+unsigned long ulzma(const unsigned char *src, unsigned char *dst)
+{
+	return ulzman(src, (unsigned long)(-1), dst, (unsigned long)(-1));
+}

More information about the coreboot-gerrit mailing list