packages/arm-trusted-firmware
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
arm-trusted-firmware/CVE-2024-6564.patch
zhangxianting fa4c658511 Fix CVE-2024-6563 CVE-2024-6564 
(cherry picked from commit 332ad893354e0f03bc07ebd0fec68b51ba6af993)
2024-07-10 17:06:43 +08:00

43 lines
1.4 KiB
Diff
Raw Blame History

From c9fb3558410032d2660c7f3b7d4b87dec09fe2f2 Mon Sep 17 00:00:00 2001
From: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
Date: Mon, 3 Jul 2023 16:58:11 +0900
Subject: [PATCH] rcar-gen3: plat: BL2: Fix to check "rcar_image_number"
variable before use
Reviewed-by: Tomer Fichman <Tomer.Fichman@cymotive.com>
Signed-off-by: Yoshifumi Hosoya <yoshifumi.hosoya.wj@renesas.com>
---
drivers/renesas/common/io/io_rcar.c | 10 +++++-----
1 file changed, 5 insertions(+), 5 deletions(-)
diff --git a/drivers/renesas/common/io/io_rcar.c b/drivers/renesas/common/io/io_rcar.c
index b1638a1e0..03a8f8212 100644
--- a/drivers/renesas/common/io/io_rcar.c
+++ b/drivers/renesas/common/io/io_rcar.c
@@ -496,17 +496,17 @@ static int32_t rcar_dev_init(io_dev_info_t *dev_info, const uintptr_t name)
#endif
rcar_image_number = header[0];
- for (i = 0; i < rcar_image_number + 2; i++) {
- rcar_image_header[i] = header[i * 2 + 1];
- rcar_image_header_prttn[i] = header[i * 2 + 2];
- }
-
if (rcar_image_number == 0 || rcar_image_number > RCAR_MAX_BL3X_IMAGE) {
WARN("Firmware Image Package header check failed.\n");
rc = IO_FAIL;
goto error;
}
+ for (i = 0; i < rcar_image_number + 2; i++) {
+ rcar_image_header[i] = header[i * 2 + 1];
+ rcar_image_header_prttn[i] = header[i * 2 + 2];
+ }
+
rc = io_seek(handle, IO_SEEK_SET, offset + RCAR_SECTOR6_CERT_OFFSET);
if (rc != IO_SUCCESS) {
WARN("Firmware Image Package header failed to seek cert\n");
--
2.20.1
Reference in New Issue View Git Blame Copy Permalink