
Commit bc4ec50

committed
delta: reject sector sizes that overflow 16-bit match length
F/2582
1 parent 2bd6274 commit bc4ec50

2 files changed

Lines changed: 40 additions & 0 deletions


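--- a/src/delta.c
+++ b/src/delta.c
@@ -233,6 +233,12 @@ int wb_diff_get_sector_size(void)
 fprintf(stderr, "WOLFBOOT_SECTOR_SIZE cannot be 0\n");
 exit(6);
 }
+if (sec_sz > 0xFFFFU) {
+fprintf(stderr,
+"WOLFBOOT_SECTOR_SIZE (%" PRIu32 ") exceeds delta encoding limit (65535)\n",
+sec_sz);
+exit(6);
+}
 if (sec_sz > (uint32_t)INT_MAX) {
 fprintf(stderr, "WOLFBOOT_SECTOR_SIZE (%" PRIu32 ") exceeds INT_MAX (%d)\n",
 sec_sz, INT_MAX);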
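Review bot: The new `sec_sz > 0xFFFFU` guard carries no comment naming the field it protects, and the limit appears twice, as the hex constant and as the literal 65535 in the message. A comment above the check such as `/* match length is stored in 16 bits; a larger sector size would not fit the encoding */` would record the reason (wording inferred from the commit title, so confirm it against the encoder). With this guard first, the `sec_sz > (uint32_t)INT_MAX` check below can only fire where `int` is 16 bits wide, which deserves a remark or removal. The guard bounds only the tool that reads WOLFBOOT_SECTOR_SIZE; whether the code that applies a patch also bounds decoded lengths is not visible in this commit. The body of wb_diff_get_sector_size starts and ends outside the hunk.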

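--- a/tools/unit-tests/unit-delta.c
+++ b/tools/unit-tests/unit-delta.c
@@ -25,6 +25,9 @@
 #include <string.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <sys/types.h>
+#include <sys/wait.h>
+#include <unistd.h>
 
 #include "delta.h"
 #define WC_RSA_BLINDING
@@ -480,6 +483,36 @@ START_TEST(test_wb_patch_and_diff_multi_sector_images)
 }
 END_TEST
 
+START_TEST(test_wb_diff_get_sector_size_rejects_values_above_16bit)
+{
+const char *saved = getenv("WOLFBOOT_SECTOR_SIZE");
+char *saved_copy = saved ? strdup(saved) : NULL;
+pid_t pid;
+int status = 0;
+
+ck_assert_int_eq(setenv("WOLFBOOT_SECTOR_SIZE", "0x20000", 1), 0);
+pid = fork();
+ck_assert_int_ne(pid, -1);
+
+if (pid == 0) {
+(void)wb_diff_get_sector_size();
+_exit(0);
+}
+
+ck_assert_int_eq(waitpid(pid, &status, 0), pid);
+ck_assert_int_eq(WIFEXITED(status), 1);
+ck_assert_int_eq(WEXITSTATUS(status), 6);
+
+if (saved_copy != NULL) {
+ck_assert_int_eq(setenv("WOLFBOOT_SECTOR_SIZE", saved_copy, 1), 0);
+free(saved_copy);
+}
+else {
+ck_assert_int_eq(unsetenv("WOLFBOOT_SECTOR_SIZE"), 0);
+}
+}
+END_TEST
+
 START_TEST(test_wb_patch_and_diff_size_changing_update)
 {
 uint8_t src_a[2048];
@@ -539,6 +572,7 @@ Suite *patch_diff_suite(void)
 tcase_add_test(tc_wolfboot_delta, test_wb_patch_and_diff_completely_different_images);
 tcase_add_test(tc_wolfboot_delta, test_wb_patch_and_diff_all_escape_images);
 tcase_add_test(tc_wolfboot_delta, test_wb_patch_and_diff_multi_sector_images);
+tcase_add_test(tc_wolfboot_delta, test_wb_diff_get_sector_size_rejects_values_above_16bit);
 tcase_add_test(tc_wolfboot_delta, test_wb_patch_and_diff_size_changing_update);
 tcase_add_test(tc_wolfboot_delta, test_wb_patch_and_diff_single_byte_difference);
 suite_add_tcase(s, tc_wolfboot_delta);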
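Review bot: The new test test_wb_diff_get_sector_size_rejects_values_above_16bit exercises only `0x20000`, so the boundary of the `> 0xFFFFU` comparison is not pinned: a guard written as `> 0x1FFFF` would still pass. Repeating the fork-and-wait with `setenv("WOLFBOOT_SECTOR_SIZE", "0x10000", 1)` and the same `WEXITSTATUS(status) == 6` assertion would cover the first rejected value; whether `0xFFFF` passes the function's remaining checks is not visible here, so an accept-side case needs confirming first. Exit status 6 is also what the zero-size path returns, so the test cannot tell which guard fired unless the child's stderr is captured. A failing `ck_assert_*` before the restore block also leaves `WOLFBOOT_SECTOR_SIZE` set to the test value when the suite runs without check's fork mode.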
