[coreboot] [v2] r4653 - trunk/coreboot-v2/util/cbfstool

svn at coreboot.org svn at coreboot.org
Tue Sep 22 17:55:02 CEST 2009


Author: stepan
Date: 2009-09-22 17:55:01 +0200 (Tue, 22 Sep 2009)
New Revision: 4653

Modified:
   trunk/coreboot-v2/util/cbfstool/common.c
   trunk/coreboot-v2/util/cbfstool/common.h
Log:
* guard all mallocs in cbfstool
* fix an issue that could lead to cbfstool writing outside of its allocated
  memory 

Signed-off-by: Stefan Reinauer <stepan at coresystems.de>
Acked-by: Peter Stuge <peter at stuge.se>



Modified: trunk/coreboot-v2/util/cbfstool/common.c
===================================================================
--- trunk/coreboot-v2/util/cbfstool/common.c	2009-09-22 15:53:54 UTC (rev 4652)
+++ trunk/coreboot-v2/util/cbfstool/common.c	2009-09-22 15:55:01 UTC (rev 4653)
@@ -36,10 +36,16 @@
 	fseek(file, 0, SEEK_END);
 	*romsize_p = ftell(file);
 	fseek(file, 0, SEEK_SET);
-	if (!content)
+	if (!content) {
 		content = malloc(*romsize_p);
-	else if (place == SEEK_END)
+		if (!content) {
+			printf("Could not get %d bytes for file %s\n",
+					*romsize_p, filename);
+			exit(1);
+		}
+	} else if (place == SEEK_END)
 		content -= *romsize_p;
+
 	if (!fread(content, *romsize_p, 1, file)) {
 		printf("failed to read %s\n", filename);
 		return NULL;
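Review bot: The size that feeds both `malloc(*romsize_p)` and `content -= *romsize_p` is taken straight from `ftell(file)`, whose failure value of -1 is never checked, and the two `fseek` calls are unchecked as well. The added guard covers allocation failure only; in the caller-supplied-buffer branch nothing in the hunk compares the file size with the space available before the pointer is moved back and `fread` writes through it, so unless the caller checks first an oversized input would presumably be written outside the destination region. I would read the size into a `long`, reject negative values with `long size = ftell(file); if (size < 0) { printf("failed to size %s\n", filename); return NULL; }`, and bound it against the destination before use. The `fread` failure path also returns NULL without releasing a buffer that was allocated a few lines earlier. The function begins and ends outside the hunk.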
@@ -255,6 +261,11 @@
 		*location -= headersize;
 	}
 	void *newdata = malloc(*datasize + headersize);
+	if (!newdata) {
+		printf("Could not get %d bytes for CBFS file.\n", *datasize +
+				headersize);
+		exit(1);
+	}
 	struct cbfs_file *nextfile = (struct cbfs_file *)newdata;
 	strncpy(nextfile->magic, "LARCHIVE", 8);
 	nextfile->len = htonl(*datasize);
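Review bot: The sum `*datasize + headersize` passed to `malloc` can wrap if both operands are 32-bit (their declarations are outside the hunk), and the added NULL check will not notice, because a wrapped sum gives a small but successful allocation. The header fields written right after it, and whatever later copies `*datasize` bytes, would then run past the end of the buffer. A range check ahead of the allocation closes this, for example `if (*datasize > UINT32_MAX - headersize) { printf("CBFS file too large.\n"); exit(1); }`, assuming `uint32_t` operands. The `%d` conversion in the new message should also match the operand type (`%u` for an unsigned 32-bit value). The enclosing function starts and ends outside the hunk.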
@@ -272,9 +283,16 @@
 {
 	romsize = _romsize;
 	unsigned char *romarea = malloc(romsize);
+	if (!romarea) {
+		printf("Could not get %d bytes of memory for CBFS image.\n",
+				romsize);
+		exit(1);
+	}
 	memset(romarea, 0xff, romsize);
-	recalculate_rom_geometry(romarea);
 
+	// Set up physical/virtual mapping
+	offset = romarea + romsize - 0x100000000ULL;
+
 	if (align == 0)
 		align = 64;
 
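Review bot: `offset = romarea + romsize - 0x100000000ULL;` does its arithmetic on the `unsigned char *` returned by `malloc`, so the result points far outside the allocated object, which ISO C leaves undefined, and on a 32-bit host the 64-bit constant is applied to a 32-bit pointer. Doing the computation on integers keeps it well defined, e.g. `offset = (void *)((uintptr_t)romarea + romsize - 0x100000000ULL);` if `offset` is a pointer (its declaration is not in the hunk). Every later `phys_to_virt`/`virt_to_phys` result depends on this value, so `romsize` should be rejected before the mapping is set up when it is zero or does not fit below 4 GiB. The comment could also say that the constant is the 4 GiB boundary at which the end of the ROM is assumed to be mapped. The function continues outside the hunk.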
@@ -291,6 +309,9 @@
 	master_header->offset = htonl(0);
 	((uint32_t *) phys_to_virt(0xfffffffc))[0] =
 	    virt_to_phys(master_header);
+
+	recalculate_rom_geometry(romarea);
+
 	struct cbfs_file *one_empty_file =
 	    cbfs_create_empty_file((0 - romsize) & 0xffffffff,
 				   romsize - bootblocksize -
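Review bot: The relocated `recalculate_rom_geometry(romarea);` call has no comment explaining why it now has to follow the master-header setup, so a later cleanup could move it back above the header write. Judging from the move, it appears to read the header through the pointer stored at `0xfffffffc`, which is only valid once the lines above it have run. A comment such as `// Must follow the master header write: geometry is derived from the header found via 0xfffffffc` would record that, after confirming it against the body of `recalculate_rom_geometry`, which is not part of this diff. The enclosing function starts before the hunk and continues after it.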

Modified: trunk/coreboot-v2/util/cbfstool/common.h
===================================================================
--- trunk/coreboot-v2/util/cbfstool/common.h	2009-09-22 15:53:54 UTC (rev 4652)
+++ trunk/coreboot-v2/util/cbfstool/common.h	2009-09-22 15:55:01 UTC (rev 4653)
@@ -29,7 +29,7 @@
 
 static uint32_t virt_to_phys(void *addr)
 {
-	return (long)(addr - offset) & 0xffffffff;
+	return (unsigned long)(addr - offset) & 0xffffffff;
 }
 
 #define ALIGN(val, by) (((val) + (by)-1)&~((by)-1))
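Review bot: `(unsigned long)(addr - offset)` still relies on arithmetic involving a `void *`, which is a GNU extension rather than ISO C, and the cast to `unsigned long` documents neither the pointer-to-integer conversion nor the intended truncation to 32 bits. Converting each operand first makes both explicit, e.g. `return (uint32_t)((uintptr_t)addr - (uintptr_t)offset);`, assuming `offset` is a pointer or a pointer-sized integer; its declaration is outside the hunk. A short comment that the result is the address the ROM byte has when the image is mapped below 4 GiB would help readers of the header.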
@@ -61,3 +61,5 @@
 
 int add_file_to_cbfs(void *content, uint32_t contentsize, uint32_t location);
 void print_cbfs_directory(const char *filename);
+
+#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))
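Review bot: `ARRAY_SIZE` gives a wrong count, without any diagnostic, when its argument is a pointer or an array-typed function parameter, and the macro is added without a comment saying so. A one-line comment above it, `/* Element count of a true array; not valid for pointers or array parameters. */`, would document the restriction. None of the hunks shown here use the macro yet.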




