From a18e93125de1ce8caf1d6c00cc7f6f0c96f7854f Mon Sep 17 00:00:00 2001 From: Andrew Jones Date: Fri, 2 Jun 2017 11:51:46 +0100 Subject: load_uboot_image: don't assume a full header read Don't allow load_uboot_image() to proceed when less bytes than header-size was read. Signed-off-by: Andrew Jones Message-id: 20170524091315.20284-1-drjones@redhat.com Reviewed-by: Peter Maydell Signed-off-by: Peter Maydell --- hw/core/loader.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'hw/core/loader.c') diff --git a/hw/core/loader.c b/hw/core/loader.c index bf17b42cbe..f72930ca4a 100644 --- a/hw/core/loader.c +++ b/hw/core/loader.c @@ -611,8 +611,9 @@ static int load_uboot_image(const char *filename, hwaddr *ep, hwaddr *loadaddr, return -1; size = read(fd, hdr, sizeof(uboot_image_header_t)); - if (size < 0) + if (size < sizeof(uboot_image_header_t)) { goto out; + } bswap_uboot_header(hdr); -- cgit v1.2.3