libpayload: cbfs: Require input size and output size for cbfs_decompress
Currently, cbfs_decompress() calls ulzma() and ulz4f() for LZMA/LZ4 decompression. These two functions don't accept input/output size as parameters. We can make cbfs_decompress more robust by calling ulzman() and ulz4fn() instead. This could prevent us from overflowing destination buffer. BUG=none BRANCH=none TEST=boot into kernel on Kukui with COMPRESSED_PAYLOAD_LZMA / COMPRESSED_PAYLOAD_LZ4. Change-Id: Ibe617825bd000ed618791d8e3c5f65bbbd5f7e33 Signed-off-by: You-Cheng Syu <youcheng@google.com> Reviewed-on: https://review.coreboot.org/c/31606 Tested-by: build bot (Jenkins) <no-reply@coreboot.org> Reviewed-by: Julius Werner <jwerner@chromium.org> Reviewed-by: Daisuke Nojiri <dnojiri@chromium.org>
This commit is contained in:
committed by
Patrick Georgi
parent
08087a3e8a
commit
5ec1d24974
@@ -114,8 +114,9 @@ void * cbfs_load_stage(struct cbfs_media *media, const char *name)
|
||||
final_size = cbfs_decompress(stage->compression,
|
||||
((unsigned char *) stage) +
|
||||
sizeof(struct cbfs_stage),
|
||||
stage->len,
|
||||
(void *) (uintptr_t) stage->load,
|
||||
stage->len);
|
||||
stage->memlen);
|
||||
if (!final_size) {
|
||||
entry = -1;
|
||||
goto out;
|
||||
|
Reference in New Issue
Block a user