diff options
author | Vadim Bendebury <vbendeb@chromium.org> | 2018-03-05 09:48:52 -0800 |
---|---|---|
committer | ChromeOS Commit Bot <chromeos-commit-bot@chromium.org> | 2018-03-14 01:19:56 +0000 |
commit | 241ef781ffa5abf5a17a0633acf10d7ae249ed3e (patch) | |
tree | d0bd709ec2572511a113aa33dc9c78f71088d6bf | |
parent | 65af6259f3c333dad0eff6678a4c6af04fcdad68 (diff) | |
download | chrome-ec-241ef781ffa5abf5a17a0633acf10d7ae249ed3e.tar.gz |
cr50: fix hash database parser to reject misformatted offsets/sizes
Section offsets and sizes are hex numbers which should not be longer
than 8 characters.
BRANCH=none
BUG=b:73668125
TEST=descriptions which miss the size field are properly reported now.
Before the utility would just terminate with an error without a
message.
Change-Id: I9bc461b5f848b80e464fecc9b40dcf0ea213c9a7
Signed-off-by: Vadim Bendebury <vbendeb@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/949311
Reviewed-by: Randall Spangler <rspangler@chromium.org>
(cherry picked from commit 1dfe3193e7110888268c98e1e9339e79b0ee5025)
Reviewed-on: https://chromium-review.googlesource.com/961616
-rw-r--r-- | extra/usb_updater/desc_parser.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/extra/usb_updater/desc_parser.c b/extra/usb_updater/desc_parser.c index 04f144457c..6570c5f23e 100644 --- a/extra/usb_updater/desc_parser.c +++ b/extra/usb_updater/desc_parser.c @@ -91,7 +91,7 @@ static int get_hex_value(char *input, char **output) *output = NULL; value = strtol(input, &e, 16); - if (e && *e) { + if ((e && *e) || (strlen(input) > 8)) { fprintf(stderr, "Invalid hex value %s in section %d\n", input, section_count_); return -EINVAL; |