delta/coreboot/chrome-ec.git - review.coreboot.org: chrome-ec.git

diff options

author	Daisuke Nojiri <dnojiri@chromium.org>	2020-08-26 12:25:40 -0700
committer	Commit Bot <commit-bot@chromium.org>	2020-08-27 01:03:12 +0000
commit	9de8df970c9b04947c2a65cc8c45a4b4a894085d (patch)
tree	2f1b2772a8b2d33528a40438e311c6a8faee33bc /baseboard/kukui
parent	5b647f412436dc60bb8523c11cd2ff107890b9f6 (diff)
download	chrome-ec-9de8df970c9b04947c2a65cc8c45a4b4a894085d.tar.gz

CBI: Validate data size of input from host

Currently, the size of input data is not verified. This can cause read overflow in cbi_set_data. This patch makes the host command handler validate the input data size. BUG=chromium:1114458 BRANCH=none TEST=cros_fuzz --board=amd64-generic reproduce \ --fuzzer ec_host_command_fuzzer \ --testcase ...ec_host_command_fuzzer-5111452783935488 \ --package chromeos-ec --build-type asan Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org> Change-Id: Ia3e03cd6bb857e0fa594de9d8cc66d8788d6dcd8 Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2378203 Reviewed-by: Jett Rink <jettrink@chromium.org>

Diffstat (limited to 'baseboard/kukui')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: