diff options
author | Daisuke Nojiri <dnojiri@chromium.org> | 2020-08-26 12:25:40 -0700 |
---|---|---|
committer | Commit Bot <commit-bot@chromium.org> | 2020-08-27 01:03:12 +0000 |
commit | 9de8df970c9b04947c2a65cc8c45a4b4a894085d (patch) | |
tree | 2f1b2772a8b2d33528a40438e311c6a8faee33bc /baseboard/kukui | |
parent | 5b647f412436dc60bb8523c11cd2ff107890b9f6 (diff) | |
download | chrome-ec-9de8df970c9b04947c2a65cc8c45a4b4a894085d.tar.gz |
CBI: Validate data size of input from host
Currently, the size of input data is not verified. This can cause
read overflow in cbi_set_data.
This patch makes the host command handler validate the input data
size.
BUG=chromium:1114458
BRANCH=none
TEST=cros_fuzz --board=amd64-generic reproduce \
--fuzzer ec_host_command_fuzzer \
--testcase ...ec_host_command_fuzzer-5111452783935488 \
--package chromeos-ec --build-type asan
Signed-off-by: Daisuke Nojiri <dnojiri@chromium.org>
Change-Id: Ia3e03cd6bb857e0fa594de9d8cc66d8788d6dcd8
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/ec/+/2378203
Reviewed-by: Jett Rink <jettrink@chromium.org>
Diffstat (limited to 'baseboard/kukui')
0 files changed, 0 insertions, 0 deletions