Boot: Re-apply modifications after code sync
-Some of the security-related modifications were lost during code
synchronization (change-id: Ibe948792b306e96282fb82447bb3f05a0c6389ef).
Re-apply the usage of constant time memory equality functions and
overflow checks in the corresponding parts of the code.
-Use new boot_find_tlv_offs() function that came from mainstream MCUBoot
with the code synchronization.
Change-Id: I3d32dc128d4fc826ac09d752cb1484d189acfb4f
Signed-off-by: David Vincze <david.vincze@arm.com>
diff --git a/bl2/ext/mcuboot/bootutil/src/loader.c b/bl2/ext/mcuboot/bootutil/src/loader.c
index 5204a1e..9f47591 100644
--- a/bl2/ext/mcuboot/bootutil/src/loader.c
+++ b/bl2/ext/mcuboot/bootutil/src/loader.c
@@ -170,7 +170,7 @@
*/
int
boot_find_tlv_offs(const struct image_header *hdr, const struct flash_area *fap,
- uint32_t *off, uint32_t *end)
+ uint32_t *off, uint32_t *end)
{
struct image_tlv_info info;
uint32_t off_;
@@ -185,6 +185,11 @@
return BOOT_EBADIMAGE;
}
+ if (boot_add_uint32_overflow_check(off_, info.it_tlv_tot))
+ {
+ return -1;
+ }
+
*end = off_ + info.it_tlv_tot;
*off = off_ + sizeof(info);
return 0;