| Message ID | 20200410181141.32567-1-toertel@gmail.com |
|---|---|
| State | Accepted |
| Headers | show |
| Series | core: Fix CID 292180 save_stream() check read error | expand |
On 10/04/20 20:11, Mark Jonas wrote: > Reading from file can fail. Detect this and abort instead of continuing > with invalid data. > > Signed-off-by: Mark Jonas <toertel@gmail.com> > --- > core/stream_interface.c | 7 ++++++- > 1 file changed, 6 insertions(+), 1 deletion(-) > > diff --git a/core/stream_interface.c b/core/stream_interface.c > index 0866ecd..8e623d8 100644 > --- a/core/stream_interface.c > +++ b/core/stream_interface.c > @@ -368,7 +368,7 @@ static int save_stream(int fdin, struct swupdate_cfg *software) > } > > /* > - * Cache the beginnining of the SWU to parse > + * Cache the beginning of the SWU to parse > * sw-description and check if the output must be > * redirected. This allows to define the output file on demand > * setting it into sw-description. > @@ -380,6 +380,11 @@ static int save_stream(int fdin, struct swupdate_cfg *software) > goto no_copy_output; > } > len = read(fdin, buf, bufsize); > + if (len < 0) { > + ERROR("Reading from file failed, error %d", errno); > + ret = -EFAULT; > + goto no_copy_output; > + } > if (get_cpiohdr(buf, &fdh.size, &fdh.namesize, &fdh.chksum) < 0) { > ERROR("CPIO Header corrupted, cannot be parsed"); > ret = -EINVAL; > Reviewed-by: Stefano Babic <sbabic@denx.de> Best regards, Stefano Babic
diff --git a/core/stream_interface.c b/core/stream_interface.c index 0866ecd..8e623d8 100644 --- a/core/stream_interface.c +++ b/core/stream_interface.c @@ -368,7 +368,7 @@ static int save_stream(int fdin, struct swupdate_cfg *software) } /* - * Cache the beginnining of the SWU to parse + * Cache the beginning of the SWU to parse * sw-description and check if the output must be * redirected. This allows to define the output file on demand * setting it into sw-description. @@ -380,6 +380,11 @@ static int save_stream(int fdin, struct swupdate_cfg *software) goto no_copy_output; } len = read(fdin, buf, bufsize); + if (len < 0) { + ERROR("Reading from file failed, error %d", errno); + ret = -EFAULT; + goto no_copy_output; + } if (get_cpiohdr(buf, &fdh.size, &fdh.namesize, &fdh.chksum) < 0) { ERROR("CPIO Header corrupted, cannot be parsed"); ret = -EINVAL;
Reading from file can fail. Detect this and abort instead of continuing with invalid data. Signed-off-by: Mark Jonas <toertel@gmail.com> --- core/stream_interface.c | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-)