From cd34f8c798f0e5aed02b6a3bd69a2db024b48273 Mon Sep 17 00:00:00 2001 From: Olaf Rempel Date: Sat, 17 Oct 2020 21:29:47 +0200 Subject: [PATCH] Check memsize against filesize before writing --- butterfly.c | 4 ++-- eprom_prog.c | 4 ++-- funk.c | 4 ++-- mpm.c | 2 +- multiboot.c | 4 ++-- multiboot.h | 2 +- twi.c | 4 ++-- 7 files changed, 12 insertions(+), 12 deletions(-) diff --git a/butterfly.c b/butterfly.c index 7e3bc36..fab56c5 100644 --- a/butterfly.c +++ b/butterfly.c @@ -209,8 +209,8 @@ static int butterfly_get_memtype(struct multiboot * p_mboot, /* ************************************************************************* * butterfly_get_memsize * ************************************************************************* */ -static int butterfly_get_memsize(struct multiboot * p_mboot, - int memtype) +static uint32_t butterfly_get_memsize(struct multiboot * p_mboot, + int memtype) { bfly_privdata_t * p_priv = (bfly_privdata_t *)p_mboot->privdata; diff --git a/eprom_prog.c b/eprom_prog.c index ff56a29..af98c6b 100644 --- a/eprom_prog.c +++ b/eprom_prog.c @@ -267,8 +267,8 @@ static int eprog_get_memtype(struct multiboot *mboot, /* ************************************************************************* * eprog_get_memsize * ************************************************************************* */ -static int eprog_get_memsize(struct multiboot *mboot, - int memtype) +static uint32_t eprog_get_memsize(struct multiboot *mboot, + int memtype) { struct eprog_privdata *p_prog = (struct eprog_privdata *)mboot->privdata; diff --git a/funk.c b/funk.c index 7fefea1..119925c 100644 --- a/funk.c +++ b/funk.c @@ -279,8 +279,8 @@ static int funk_get_memtype(struct multiboot *mboot, /* ************************************************************************* * funk_get_memsize * ************************************************************************* */ -static int funk_get_memsize(struct multiboot *mboot, - int memtype) +static uint32_t funk_get_memsize(struct multiboot *mboot, + int memtype) { struct funk_privdata *funk = (struct funk_privdata *)mboot->privdata; diff --git a/mpm.c b/mpm.c index fbe7a73..dab5de7 100644 --- a/mpm.c +++ b/mpm.c @@ -197,7 +197,7 @@ static int mpm_get_memtype(struct multiboot *mboot, /* ************************************************************************* * mpm_get_memsize * ************************************************************************* */ -static int mpm_get_memsize(struct multiboot *mboot, int memtype) +static uint32_t mpm_get_memsize(struct multiboot *mboot, int memtype) { struct mpm_privdata *mpm = (struct mpm_privdata *)mboot->privdata; diff --git a/multiboot.c b/multiboot.c index 0945153..19d352d 100644 --- a/multiboot.c +++ b/multiboot.c @@ -374,8 +374,8 @@ int main(int argc, char *argv[]) break; } - int memsize = mboot->ops->get_memsize(mboot, action->memtype); - if (memsize == 0) + uint32_t memsize = mboot->ops->get_memsize(mboot, action->memtype); + if ((memsize == 0) || (memsize < dbuf->length)) { fprintf(stderr, "invalid memsize: 0x%04x > 0x%04x\n", dbuf->length, memsize); dbuf_free(dbuf); diff --git a/multiboot.h b/multiboot.h index 378923d..ee80a4b 100644 --- a/multiboot.h +++ b/multiboot.h @@ -21,7 +21,7 @@ struct multiboot_ops void (* free)(struct multiboot *mboot); int (* get_memtype)(struct multiboot *mboot, const char *memname); - int (* get_memsize)(struct multiboot *mboot, int memtype); + uint32_t (* get_memsize)(struct multiboot *mboot, int memtype); int (* open)(struct multiboot *mboot); int (* close)(struct multiboot *mboot); diff --git a/twi.c b/twi.c index 2abd070..2acaf4f 100644 --- a/twi.c +++ b/twi.c @@ -592,8 +592,8 @@ static int twi_get_memtype(struct multiboot *mboot, /* ************************************************************************* * twi_get_memsize * ************************************************************************* */ -static int twi_get_memsize(struct multiboot *mboot, - int memtype) +static uint32_t twi_get_memsize(struct multiboot *mboot, + int memtype) { struct twi_privdata *twi = (struct twi_privdata *)mboot->privdata;