libpayload: cbfs: Require input size and output size for cbfs_decompress

Currently, cbfs_decompress() calls ulzma() and ulz4f() for LZMA/LZ4 decompression. These two functions don't accept input/output size as parameters. We can make cbfs_decompress more robust by calling ulzman() and ulz4fn() instead. This could prevent us from overflowing destination buffer. BUG=none BRANCH=none TEST=boot into kernel on Kukui with COMPRESSED_PAYLOAD_LZMA / COMPRESSED_PAYLOAD_LZ4. Change-Id: Ibe617825bd000ed618791d8e3c5f65bbbd5f7e33 Signed-off-by: You-Cheng Syu <youcheng@google.com> Reviewed-on: https://review.coreboot.org/c/31606 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
2019-02-27 15:29:15 +08:00
parent 08087a3e8a
commit 5ec1d24974
3 changed files with 17 additions and 10 deletions
--- a/payloads/libpayload/include/cbfs_core.h
+++ b/payloads/libpayload/include/cbfs_core.h
@@ -253,8 +253,9 @@ struct cbfs_media {
 void *cbfs_get_file_content(struct cbfs_media *media, const char *name,
 			    int type, size_t *sz);

-/* returns decompressed size on success, 0 on failure */
-int cbfs_decompress(int algo, void *src, void *dst, int len);
+/* Returns decompressed size on success, 0 on failure. */
+size_t cbfs_decompress(int algo, const void *src, size_t srcn, void *dst,
+		       size_t dstn);

 /* returns a pointer to CBFS master header, or CBFS_HEADER_INVALID_ADDRESS
 *  on failure */