git.ipfire.org Git - thirdparty/openwrt.git/commit

]> git.ipfire.org Git - thirdparty/openwrt.git/commit

projects / thirdparty / openwrt.git / commit

author	Daniel Golle <daniel@makrotopia.org>
	Thu, 24 Apr 2025 05:43:59 +0000 (06:43 +0100)
committer	Daniel Golle <daniel@makrotopia.org>
	Thu, 24 Apr 2025 05:43:59 +0000 (06:43 +0100)
commit	27adf03f703319f4a6900b07be5f6786045a6dad
tree	2e0284f300741959be6bd47a4da4969645cbf857	tree
parent	3c65dc367827bc06bd45f7eb375c59192deb0a75	commit \| diff

uboot-tools: validate all uImage.FIT sub-images

uImage.FIT validation was restricted to certain sub-image types
which is problematic as it then won't validate eg. 'filesystem' type
subimages. Also prevent decompressing sub-images into a arbitrary
sized buffer just to then free that buffer -- there is not need to
do this and creating malicious compressed payloads which overflow the
buffer is too easy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

package/boot/uboot-tools/Makefile		diff \| blob \| blame \| history
package/boot/uboot-tools/patches/013-tools-fit_check_sign-all-image-types.patch	[new file with mode: 0644]	blob
package/boot/uboot-tools/patches/014-tools-fit_check_sign-no-decompress.patch	[new file with mode: 0644]	blob

Mirror of https://github.com/openwrt/openwrt.git

RSS Atom