crosvm

mirror of https://chromium.googlesource.com/crosvm/crosvm synced 2024-10-25 21:39:48 +00:00

History

Daniel Verkamp 76199b4a05 kernel_loader: check phdr memory size addition The mem_offset + phdr.memsz addition is using untrusted input (phdr.memsz) and can overflow; add an explicit check to avoid panics on invalid values. BUG=None TEST=/usr/libexec/fuzzers/crosvm_zimage_fuzzer in cros_fuzz shell Change-Id: Ie6f7f27bd00958ff85201cecaa75ce2b19779b8b Signed-off-by: Daniel Verkamp <dverkamp@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1674664 Tested-by: kokoro <noreply+kokoro@google.com> Reviewed-by: Dylan Reid <dgreid@chromium.org>	2019-06-25 17:12:06 +00:00
..
src	kernel_loader: check phdr memory size addition	2019-06-25 17:12:06 +00:00
Cargo.toml	edition: Update kernel_cmdline and kernel_loader to 2018 edition	2019-04-08 02:51:37 -07:00

Daniel Verkamp 76199b4a05 kernel_loader: check phdr memory size addition

The mem_offset + phdr.memsz addition is using untrusted input
(phdr.memsz) and can overflow; add an explicit check to avoid panics on
invalid values.

BUG=None
TEST=/usr/libexec/fuzzers/crosvm_zimage_fuzzer in cros_fuzz shell

Change-Id: Ie6f7f27bd00958ff85201cecaa75ce2b19779b8b
Signed-off-by: Daniel Verkamp <dverkamp@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/crosvm/+/1674664
Tested-by: kokoro <noreply+kokoro@google.com>
Reviewed-by: Dylan Reid <dgreid@chromium.org>

2019-06-25 17:12:06 +00:00

src

kernel_loader: check phdr memory size addition

2019-06-25 17:12:06 +00:00

Cargo.toml

edition: Update kernel_cmdline and kernel_loader to 2018 edition

2019-04-08 02:51:37 -07:00