From patchwork Mon Jan 15 19:26:38 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Michael Glembotzki <m.glembo@gmail.com>
X-Patchwork-Id: 1886821
X-Patchwork-Delegate: sbabic@denx.de
Return-Path: <swupdate+bncBDY5JUXLVIEBB7EOS2WQMGQEPWP43GA@googlegroups.com>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@legolas.ozlabs.org
Authentication-Results: legolas.ozlabs.org;
	dkim=pass (2048-bit key;
 unprotected) header.d=googlegroups.com header.i=@googlegroups.com
 header.a=rsa-sha256 header.s=20230601 header.b=iDu5fNR0;
	dkim=pass (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20230601 header.b=JcYfU86Q;
	dkim-atps=neutral
Authentication-Results: legolas.ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=googlegroups.com
 (client-ip=2a00:1450:4864:20::239; helo=mail-lj1-x239.google.com;
 envelope-from=swupdate+bncbdy5juxlviebb7eos2wqmgqepwp43ga@googlegroups.com;
 receiver=patchwork.ozlabs.org)
Received: from mail-lj1-x239.google.com (mail-lj1-x239.google.com
 [IPv6:2a00:1450:4864:20::239])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384)
	(No client certificate requested)
	by legolas.ozlabs.org (Postfix) with ESMTPS id 4TDMdc686qz23ds
	for <incoming@patchwork.ozlabs.org>; Tue, 16 Jan 2024 06:29:07 +1100 (AEDT)
Received: by mail-lj1-x239.google.com with SMTP id
 38308e7fff4ca-2cd0804c5e6sf12132581fa.0
        for <incoming@patchwork.ozlabs.org>;
 Mon, 15 Jan 2024 11:29:07 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1705346942; cv=pass;
        d=google.com; s=arc-20160816;
        b=eXvg+ypFF0Dt9F6+6O0Wr/2cWK/inr4eNgKmcp1+lwe2xknvgFal/53/Xowo3zEXqS
         h2BU610INfnVv0kOEQgZJaGvscNYhX48FcHcW5tNmo8Z0BLzMpd0FwRUN0R3NQBwx44V
         7FZd2lzGeF3o52/f8hIWu8ljkdYVrj54sy78TG+8/jzLHuqLHw/8PtCr2Muz37Jr+DTP
         hz9xOrccoHZLzXCQOThZd+AzYNjSjwsesrDWwKstYR/WHdltX716Fj4+Ht1c1VVkF0ku
         yiOocL80YIBzQ8EZRYvWfccCq5XeAJVaL0sV5TA0N94LTH2/CJv1DnvPlbw+x91+hSK6
         zvxw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:sender:dkim-signature
         :dkim-signature;
        bh=qVehcbU1dkDu9Dn4lPGr8az4mgozLElhAGPbPJwNDPk=;
        fh=zydHuzCQWrku2OPQyZfraJZFcOpEXLQ/YBcu3QNiBd0=;
        b=YbtNDkoBCwjZYHDv6d+AlUtlfZaS82m8KfKtD/n4BaDIqcpABut5m18D1OTYzDpgPg
         OYRIHbtLV1fYwIkSZJTdRjtjAL7YqGdFRTeG2VZF4ZfRcu8EQTLgYZAIZauqTQnauN1p
         YmXCBcMcnT3ifFt6dolqF8HN09EsflzlzB+UbkNWzVzVZpwVgkrOfNPkkZ8AiG6L7TfP
         IzlOz1ItStKzhl1BPnDl9cJ7JTnTUoK7XToZebgUEQfyqAbmeDJ3goYdhatSIylK9tJr
         uMK9u4/lSW6WAtqTSAT+7N3fAY5/mVbEr8afsqfF+dJptNvx8IKElbIgwlyF1MQHF2ip
         zQdg==
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=NLBtFDy3;
       spf=pass (google.com: domain of m.glembo@gmail.com designates
 2a00:1450:4864:20::12a as permitted sender) smtp.mailfrom=m.glembo@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1705346942; x=1705951742;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:references:in-reply-to:message-id
         :date:subject:cc:to:from:sender:from:to:cc:subject:date:message-id
         :reply-to;
        bh=qVehcbU1dkDu9Dn4lPGr8az4mgozLElhAGPbPJwNDPk=;
        b=iDu5fNR0tTTFQDEx/zW1t/LTzI6pGwQrS12VeGoLUpc+KcvKMDLHyNX1sf4jDLgyYZ
         2Y2SOzXrdNh3DKAe5ipRZkihnRaRK9TOf3EnqQiD7dejkGnr1ur+YHwAC3u6A8qZRYIa
         fAj6gAT18NQxwPnDm8Aj+26rrgGqxhQfzxxg6yGoI75Q63TojbAzafE9TMvLJOv1w+QA
         trB79YvOg24b30PWBQnktG5gDHeFeJJXaybQfFKoyjWI9WQ3MLucgt0vKX+oKL46wyAC
         lmv/KVNZWLhHlO21y0+3wT6DX99YX77P9TVojs+eITkRrOCQUaHiGYwybp0nnE51Ej+Z
         xJsg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1705346942; x=1705951742;
 darn=patchwork.ozlabs.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:x-original-authentication-results
         :x-original-sender:mime-version:references:in-reply-to:message-id
         :date:subject:cc:to:from:from:to:cc:subject:date:message-id:reply-to;
        bh=qVehcbU1dkDu9Dn4lPGr8az4mgozLElhAGPbPJwNDPk=;
        b=JcYfU86QuQM/WMIjbPqbzFFpkJnl4Swiyx8B6SdNrFh3eGLUqHJ7OjDwkTvHpi8dbF
         rxFz7giK0ig3ErDIuCldxy5ZZ2XdGudAawtJbx2C7pVXx7f3Imi+KfY3N9yI4yw66Btr
         UXRnUPMDSAyKVBCimA2espnzqesvFGk20hkwnLeyckqz8iJHAZmgrjm37w/H5bfDpcRZ
         od3ocJ4W3y29MZEUdYkwvyakv8kKExcpR6nrZS+1yNRCOjVQx4SYLHAhql5CYh3+qf1x
         lOqYgFdpzDSUapeCKALC36Qmlpgyn1rWbggDWNat/pdngP+BvrsF1s2YdiZ3GO49dw+g
         J7DA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1705346942; x=1705951742;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :x-spam-checked-in-group:list-id:mailing-list:precedence
         :x-original-authentication-results:x-original-sender:mime-version
         :references:in-reply-to:message-id:date:subject:cc:to:from
         :x-beenthere:x-gm-message-state:sender:from:to:cc:subject:date
         :message-id:reply-to;
        bh=qVehcbU1dkDu9Dn4lPGr8az4mgozLElhAGPbPJwNDPk=;
        b=kDoMLAVQz3DWS2tGa+n9vejZajY4JWhJlDHvDerpCdwLyS+y0uJbKi2Bpg+jan9SZv
         wx0RsTULX0d5/EhaLf5qBgb4QvlscGd2UjPSXugCBWZWNau/4mDBK4xT2h2tGCQFcOU2
         0YpL7CdiLbIykSp9exvnII+6qXN/A7CkZDBz7z4G1Nvy2PA/0bWDyoBocYBZDr+VqtIQ
         +C6ugbe3mUtiRB52YMpi9mDJnjx6oZVkSzuWBwHH3wWPQ/bi5g7Z1veML2Qpskqw51Gx
         kXYFrwPIiDCEfV2HuchlsDfLrydnaD8B1lHGAKZ/qnupRvW/CVoPARG+Ap/0s0av7SXu
         8eTw==
Sender: swupdate@googlegroups.com
X-Gm-Message-State: AOJu0YzfJ3cgNFkheWQT57XFeXMVngqGF3XYSZxb/Tfse1vuZpUatdCw
	tm4p3TRulTXcTBw1mQwOVyY=
X-Google-Smtp-Source: 
 AGHT+IH6F9CqlZiB9ClfIl4bQANr+B+bLuQQoPpfbcXcFKvrMTYUUuOqmrIJdkXH/b21l+M68nKTtA==
X-Received: by 2002:a2e:8094:0:b0:2cc:7103:6b21 with SMTP id
 i20-20020a2e8094000000b002cc71036b21mr3010987ljg.53.1705346941206;
        Mon, 15 Jan 2024 11:29:01 -0800 (PST)
X-BeenThere: swupdate@googlegroups.com
Received: by 2002:a2e:a992:0:b0:2cc:ea42:1d66 with SMTP id
 x18-20020a2ea992000000b002ccea421d66ls102298ljq.1.-pod-prod-05-eu;
 Mon, 15 Jan 2024 11:28:59 -0800 (PST)
X-Received: by 2002:a05:651c:168f:b0:2cc:effb:cbb2 with SMTP id
 bd15-20020a05651c168f00b002cceffbcbb2mr2755695ljb.52.1705346938716;
        Mon, 15 Jan 2024 11:28:58 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1705346938; cv=none;
        d=google.com; s=arc-20160816;
        b=CpBolyFoPukaKR+BMza+A9Yw+JLeh4WJqc1bIhAwdMrtI1MHv7NT7cFCU0F1T/wSm8
         LzLqYRtEAKqf4YdZhTi9GPvX1jpvGvaZcd9k7WcasjyeV7q0tzfYoPEs8ETzXyiEBU/F
         0adq6RVv12wPJpoQ/wlWsXOeChXJWSfHR7WkrQOnRlQjGhtNwmGz2EiviG8r1UmXe8u/
         JJnTAX15MoJDbrZgNtL8Lm0IUmvms9xGbjIq+nYT88p7Giy1YIjAig7cvOWZunFYFsdE
         fFa04EqX2FasvspXaoLBNJRBDvkuVhc0TafkBu/dmeZyN7ySlz9hgWsTFn3WCu6igp9w
         Z+jw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=content-transfer-encoding:mime-version:references:in-reply-to
         :message-id:date:subject:cc:to:from:dkim-signature;
        bh=tyCz6ocQg83n7YWHMsCZvZFv582BUejHqC2Oya4n994=;
        fh=zydHuzCQWrku2OPQyZfraJZFcOpEXLQ/YBcu3QNiBd0=;
        b=YxV6QcJzL74DGXA+Pv/TD4m6XQZ3CYShpBUeHHwCuNwdfLnT045cU/b8LEkM3306/a
         4hWq+h/UNP3dx3KBbngWXAqJp6IisBfIVS6YfElDWp8aYCWFwdNZXWmRYsSVE9ETTXqP
         3iH3JN5c1Yhf7c3aCfSRvZH9NOTgOmQOs9il5czXsDD5sJ385EilF7+CokK5e6b/GexU
         IbTeJsHRopebYXunnsqumDIxQjX/AgF7/jSnunDADKPr4za42mawYuKdQi00A5tgHmt6
         eP9qfrSHLHpZI/zFkgghzUeiAnY0H8m0bzPJSzklJd9cYZEvtkwyhtS3b23mFUanVrDi
         6SHw==
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20230601 header.b=NLBtFDy3;
       spf=pass (google.com: domain of m.glembo@gmail.com designates
 2a00:1450:4864:20::12a as permitted sender) smtp.mailfrom=m.glembo@gmail.com;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: from mail-lf1-x12a.google.com (mail-lf1-x12a.google.com.
 [2a00:1450:4864:20::12a])
        by gmr-mx.google.com with ESMTPS id
 w25-20020a2e9999000000b002cd6347ba65si322598lji.5.2024.01.15.11.28.58
        for <swupdate@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
        Mon, 15 Jan 2024 11:28:58 -0800 (PST)
Received-SPF: pass (google.com: domain of m.glembo@gmail.com designates
 2a00:1450:4864:20::12a as permitted sender) client-ip=2a00:1450:4864:20::12a;
Received: by mail-lf1-x12a.google.com with SMTP id
 2adb3069b0e04-50e5a9bcec9so11079179e87.3
        for <swupdate@googlegroups.com>; Mon, 15 Jan 2024 11:28:58 -0800 (PST)
X-Received: by 2002:a05:6512:551:b0:50e:75fc:35be with SMTP id
 h17-20020a056512055100b0050e75fc35bemr2920297lfl.90.1705346937934;
        Mon, 15 Jan 2024 11:28:57 -0800 (PST)
Received: from PC-2635.irisgmbh.local
 (dslb-002-203-161-041.002.203.pools.vodafone-ip.de. [2.203.161.41])
        by smtp.gmail.com with ESMTPSA id
 tl7-20020a170907c30700b00a2de58581f6sm1289255ejc.74.2024.01.15.11.28.57
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Mon, 15 Jan 2024 11:28:57 -0800 (PST)
From: Michael Glembotzki <m.glembo@gmail.com>
To: swupdate@googlegroups.com
Cc: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com>
Subject: [swupdate] [V4][PATCH 1/8] parser: BUG: Image IVT with invalid size
 is accepted
Date: Mon, 15 Jan 2024 20:26:38 +0100
Message-ID: <20240115192845.51530-2-Michael.Glembotzki@iris-sensing.com>
X-Mailer: git-send-email 2.43.0
In-Reply-To: <20240115192845.51530-1-Michael.Glembotzki@iris-sensing.com>
References: <20240115192845.51530-1-Michael.Glembotzki@iris-sensing.com>
MIME-Version: 1.0
X-Original-Sender: m.glembo@gmail.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@gmail.com header.s=20230601 header.b=NLBtFDy3;       spf=pass
 (google.com: domain of m.glembo@gmail.com designates 2a00:1450:4864:20::12a
 as permitted sender) smtp.mailfrom=m.glembo@gmail.com;       dmarc=pass
 (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Precedence: list
Mailing-list: list swupdate@googlegroups.com;
 contact swupdate+owners@googlegroups.com
List-ID: <swupdate.googlegroups.com>
X-Spam-Checked-In-Group: swupdate@googlegroups.com
X-Google-Group-Id: 605343134186
List-Post: <https://groups.google.com/group/swupdate/post>,
 <mailto:swupdate@googlegroups.com>
List-Help: <https://groups.google.com/support/>,
 <mailto:swupdate+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/swupdate
List-Subscribe: <https://groups.google.com/group/swupdate/subscribe>,
 <mailto:swupdate+subscribe@googlegroups.com>
List-Unsubscribe: 
 <mailto:googlegroups-manage+605343134186+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/swupdate/subscribe>

An IVT with invalid size is currently accepted. Make an explicit size check
before setting the image IVT.

Signed-off-by: Michael Glembotzki <Michael.Glembotzki@iris-sensing.com>
---
 parser/parser.c | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)

diff --git a/parser/parser.c b/parser/parser.c
index e13992e..67ae1b3 100644
--- a/parser/parser.c
+++ b/parser/parser.c
@@ -393,6 +393,22 @@ static int run_embscript(parsertype p, void *elem, struct img_type *img,
 	return lua_parser_fn(L, embfcn, img);
 }
 
+static void get_ivt_value(parsertype p, void *elem, char *ivt_ascii)
+{
+	size_t ivtlen;
+	const char *s = NULL;
+
+	s = get_field_string(p, elem, "ivt");
+	if (s) {
+		ivtlen = strnlen(s, SWUPDATE_GENERAL_STRING_SIZE);
+		if (ivtlen != (AES_BLK_SIZE * 2)) {
+			ERROR("Invalid ivt length");
+			return;
+		}
+		strncpy(ivt_ascii, s, ivtlen);
+	}
+}
+
 static int parse_common_attributes(parsertype p, void *elem, struct img_type *image, struct swupdate_cfg *cfg)
 {
 	char seek_str[MAX_SEEK_STRING_SIZE];
@@ -451,7 +467,7 @@ static int parse_common_attributes(parsertype p, void *elem, struct img_type *im
 	get_field(p, elem, "install-if-different", &image->id.install_if_different);
 	get_field(p, elem, "install-if-higher", &image->id.install_if_higher);
 	get_field(p, elem, "encrypted", &image->is_encrypted);
-	GET_FIELD_STRING(p, elem, "ivt", image->ivt_ascii);
+	get_ivt_value(p, elem, image->ivt_ascii);
 
 	if (is_image_installed(&cfg->installed_sw_list, image)) {
 		image->skip = SKIP_SAME;