Project-1CE/system_update_engine - Unnamed repository; edit this file 'description' to name the repository.

diff options

author	Andrew <andrewlassalle@chromium.org>	2019-12-19 11:38:08 -0800
committer	Commit Bot <commit-bot@chromium.org>	2020-01-07 02:36:40 +0000
commit	3a7dc26624a526b3efc278877002c69d4d55b86f (patch)
tree	6f063adc5d5d2b47696bc6c5d5edd92c8dc9f0da /scripts/update_payload/format_utils.py
parent	766135abfb530609614295c90899fd6be335c687 (diff)

update_engine: Check metadata and signature sizes

Check that the size of the metadata size and signature sizes are smaller that the payload size. Without this check, the delta performer writes X number of bytes to the buffer before validating these values, and an attacker could provide a huge value which will make update_engine crash. BUG=chromium:1027166 TEST=fuzzer, unittest, install/unistall DLC on DUT TEST=test_that -b $BOARD $IP autoupdate_EOL Change-Id: Iad3a314efacbb1005fac37dd383a3f8852008f4b Reviewed-on: https://chromium-review.googlesource.com/c/aosp/platform/system/update_engine/+/1976079 Commit-Queue: Andrew Lassalle <andrewlassalle@chromium.org> Tested-by: Andrew Lassalle <andrewlassalle@chromium.org> Reviewed-by: Amin Hassani <ahassani@chromium.org> Auto-Submit: Andrew Lassalle <andrewlassalle@chromium.org>

Diffstat (limited to 'scripts/update_payload/format_utils.py')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: