tequilaOS/platform_bootable_recovery
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

DO NOT MERGE: Add a checker for signature boundary in verifier

Browse source 
am: f616da1726

Change-Id: I05a1a6775229a1041e1a93388a86262d36d6581b
This commit is contained in:
Tianjie Xu 2017-01-18 22:22:16 +00:00 committed by android-build-merger
commit 5346da0220
1 changed files with 7 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

7
verifier.cpp
View file

@ -79,6 +79,13 @@ int verify_file(const char* path, const Certificate* pKeys, unsigned int numKeys
LOGI("comment is %d bytes; signature %d bytes from end\n", LOGI("comment is %d bytes; signature %d bytes from end\n",
comment_size, signature_start); comment_size, signature_start);
if (signature_start > comment_size) {
LOGE("signature start: %zu is larger than comment size: %zu\n", signature_start,
comment_size);
fclose(f);
return VERIFY_FAILURE;
}
if (signature_start - FOOTER_SIZE < RSANUMBYTES) { if (signature_start - FOOTER_SIZE < RSANUMBYTES) {
// "signature" block isn't big enough to contain an RSA block. // "signature" block isn't big enough to contain an RSA block.
LOGE("signature is too short\n"); LOGE("signature is too short\n");