bootboot: Fix potential buffer overflow in bruteforce_kernel() (see #124)

2024-11-30 12:23:10 +03:00 · 2021-11-10 13:40:39 +01:00 · 2021-11-10 13:40:39 +01:00 · 8b81412e14
commit 8b81412e14
parent 42cd7d95ac
1 changed files with 1 additions and 1 deletions
--- a/stage23/protos/bootboot/initrd.c
+++ b/stage23/protos/bootboot/initrd.c
@ -7,7 +7,7 @@
 #include <lib/blib.h>

 struct initrd_file bruteforce_kernel(struct initrd_file file) {
-    for (size_t i = 0; i < file.size; i++) {
+    for (size_t i = 0; i < file.size - 19; i++) {
        if (memcmp(file.data + i, "\177ELF", 4) == 0
         && file.data[i + 18] == 62 && file.data[i + 19] == 0 /* ehdr->e_machine == EM_X86_64 */) {
            printv("bootboot: using bruteforced kernel at initrd offset %X\n", file.data + i);