robin.thoni
/
ipxe
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 11 Wiki Activity
Browse Source

[image] Avoid claiming zero-length images as valid 

Both the script and PXE images types will claim a zero-length image.
Inhibit this to avoid end-user surprises.
tags/v0.9.7
Michael Brown 16 years ago
parent
076154a1c6
commit
24e948f030
2 changed files with 12 additions and 0 deletions
Unified View Show Diff Stats
  1. 6
    0
      src/arch/i386/image/pxe_image.c
  2. 6
    0
      src/image/script.c

+ 6
- 0
src/arch/i386/image/pxe_image.c View File

88 
 	if ( filesz > ( 0xa0000 - 0x7c00 ) )
 88 
 	if ( filesz > ( 0xa0000 - 0x7c00 ) )
89 
 		return -ENOEXEC;
 89 
 		return -ENOEXEC;
90
90
91 
+	/* Rejecting zero-length images is also useful, since these
92 
+	 * end up looking to the user like bugs in gPXE.
93 
+	 */
94 
+	if ( ! filesz )
95 
+		return -ENOEXEC;
96 
+
91 
 	/* There are no signature checks for PXE; we will accept anything */
 97 
 	/* There are no signature checks for PXE; we will accept anything */
92 
 	if ( ! image->type )
 98 
 	if ( ! image->type )
93 
 		image->type = &pxe_image_type;
 99 
 		image->type = &pxe_image_type;

+ 6
- 0
src/image/script.c View File

94 
 	static const char magic[] = "#!gpxe\n";
 94 
 	static const char magic[] = "#!gpxe\n";
95 
 	char test[ sizeof ( magic ) - 1 ];
 95 
 	char test[ sizeof ( magic ) - 1 ];
96
96
97 
+	/* Sanity check */
98 
+	if ( image->len < sizeof ( test ) ) {
99 
+		DBG ( "Too short to be a script\n" );
100 
+		return -ENOEXEC;
101 
+	}
102 
+
97 
 	/* Check for magic signature */
 103 
 	/* Check for magic signature */
98 
 	copy_from_user ( test, image->data, 0, sizeof ( test ) );
 104 
 	copy_from_user ( test, image->data, 0, sizeof ( test ) );
99 
 	if ( memcmp ( test, magic, sizeof ( test ) ) != 0 ) {
 105 
 	if ( memcmp ( test, magic, sizeof ( test ) ) != 0 ) {

Write Preview
Loading…
Cancel
Save