Merge "aboot: Check size of unsparsed images before flashing"

commit: e867a873c87b63ba8866bd84b9c8ab6cd948df8b [log] [tgz]
author: Linux Build Service Account <lnxbuild@localhost> Sun May 12 23:26:39 2013 -0700
committer: Gerrit - the friendly Code Review server <code-review@localhost> Sun May 12 23:26:39 2013 -0700
tree: c79aa8245749aaa1dbb1acd333ecde113f407510
parent: 862f74bc7ec5c9bfd3b16e9aab82c4a062512d83 [diff]
parent: 876b328a59b78c2172d2ac75fba0fd10de95b138 [diff]
diff --git a/app/aboot/aboot.c b/app/aboot/aboot.c
index 1ebc41e..88fc4a5 100644
--- a/app/aboot/aboot.c
+++ b/app/aboot/aboot.c

@@ -1438,6 +1438,11 @@
 
 	/* Read and skip over sparse image header */
 	sparse_header = (sparse_header_t *) data;
+	if ((sparse_header->total_blks * sparse_header->blk_sz) > size) {
+		fastboot_fail("size too large");
+		return;
+	}
+
 	data += sparse_header->file_hdr_sz;
 	if(sparse_header->file_hdr_sz > sizeof(sparse_header_t))
 	{
commit	e867a873c87b63ba8866bd84b9c8ab6cd948df8b	[log] [tgz]
author	Linux Build Service Account <lnxbuild@localhost>	Sun May 12 23:26:39 2013 -0700
committer	Gerrit - the friendly Code Review server <code-review@localhost>	Sun May 12 23:26:39 2013 -0700
tree	c79aa8245749aaa1dbb1acd333ecde113f407510
parent	862f74bc7ec5c9bfd3b16e9aab82c4a062512d83 [diff]
parent	876b328a59b78c2172d2ac75fba0fd10de95b138 [diff]