[HCI] Display "Not an executable image" when appropriate

PXE is a catch-all image format with no signature checks.  If an
unsupported image file is loaded, it will be treated as a PXE image.  In
most cases, the image will be too large to be loaded as a PXE image (which
has to fit in base memory), so the error returned to the user will be that
the segment could not fit within the memory region.

Add an explicit check to pxe_image.c to reject images larger than base
memory with ENOEXEC.

Add ENOEXEC to the error string table.

diff --git a/src/arch/i386/image/pxe_image.c b/src/arch/i386/image/pxe_image.c
index 9e634f1493bfc0ef3af1f686548f4778ef6cdcc8..77fa0469a1c3e784c3a2350a1d7967178b1836ac 100644 (file)
--- a/src/arch/i386/image/pxe_image.c
+++ b/src/arch/i386/image/pxe_image.c
@@ -84,6 +84,14 @@ int pxe_load ( struct image *image ) {
        size_t memsz = image->len;
        int rc;
 
+       /* Images too large to fit in base memory cannot be PXE
+        * images.  We include this check to help prevent unrecognised
+        * images from being marked as PXE images, since PXE images
+        * have no signature we can check against.
+        */
+       if ( filesz > ( 0xa0000 - 0x7c00 ) )
+               return -ENOEXEC;
+
        /* There are no signature checks for PXE; we will accept anything */
        if ( ! image->type )
                image->type = &pxe_image_type;

diff --git a/src/hci/strerror.c b/src/hci/strerror.c
index 4fc15d01d717875713d97808b720ff28bae0afd2..69675905e5cde94a7574cfa400240efdd760ae10 100644 (file)
--- a/src/hci/strerror.c
+++ b/src/hci/strerror.c
@@ -118,4 +118,5 @@ struct errortab common_errors[] __errortab = {
        { ETIMEDOUT, "Connection timed out" },
        { EPIPE, "Broken pipe" },
        { ECANCELED, "Operation cancelled" },
+       { ENOEXEC, "Not an executable image" },
 };