| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <db57c01c-bdcc-4a0f-95db-b0f2784ea91f@sabinyo.mountain>
Date: Wed, 25 Jun 2025 10:22:41 -0500
From: Dan Carpenter <dan.carpenter@...aro.org>
To: Bjorn Andersson <andersson@...nel.org>
Cc: Konrad Dybcio <konradybcio@...nel.org>,
Dmitry Baryshkov <dmitry.baryshkov@....qualcomm.com>,
linux-arm-msm@...r.kernel.org, linux-kernel@...r.kernel.org,
kernel-janitors@...r.kernel.org
Subject: [PATCH] soc: qcom: mdt_loader: Fix error return values in
mdt_header_valid()
This function is supposed to return true for valid headers and false for
invalid. In a couple places it returns -EINVAL instead which means the
invalid headers are counted as true. Change it to return false.
Fixes: 9f9967fed9d0 ("soc: qcom: mdt_loader: Ensure we don't read past the ELF header")
Signed-off-by: Dan Carpenter <dan.carpenter@...aro.org>
---
drivers/soc/qcom/mdt_loader.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/drivers/soc/qcom/mdt_loader.c b/drivers/soc/qcom/mdt_loader.c
index 1b4ebae458f3..0ca268bdf1f8 100644
--- a/drivers/soc/qcom/mdt_loader.c
+++ b/drivers/soc/qcom/mdt_loader.c
@@ -33,14 +33,14 @@ static bool mdt_header_valid(const struct firmware *fw)
return false;
if (ehdr->e_phentsize != sizeof(struct elf32_phdr))
- return -EINVAL;
+ return false;
phend = size_add(size_mul(sizeof(struct elf32_phdr), ehdr->e_phnum), ehdr->e_phoff);
if (phend > fw->size)
return false;
if (ehdr->e_shentsize != sizeof(struct elf32_shdr))
- return -EINVAL;
+ return false;
shend = size_add(size_mul(sizeof(struct elf32_shdr), ehdr->e_shnum), ehdr->e_shoff);
if (shend > fw->size)
--
2.47.2
Powered by blists - more mailing lists