From 9770df1e9dfff99f8e764a56e6f603d4266edfb7 Mon Sep 17 00:00:00 2001 From: Zheng Bao Date: Tue, 14 Feb 2023 13:23:35 +0800 Subject: [PATCH] amdfwtool: Check the validation of EFS & body relative address We need to considering the case the EFS header is given as a relative address and the other, body location, is given as an absolute one. So we convert both of them to relative and check the validation. For relative address case, the location should be between 0 and data size. Change-Id: I7898bfbca02f5eb1c0fb7c456dc1935bddf685b1 Signed-off-by: Zheng Bao Reviewed-on: https://review.coreboot.org/c/coreboot/+/73024 Tested-by: build bot (Jenkins) Reviewed-by: Fred Reitberger --- util/amdfwtool/amdfwtool.c | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/util/amdfwtool/amdfwtool.c b/util/amdfwtool/amdfwtool.c index daca1abbcb..cd2922359d 100644 --- a/util/amdfwtool/amdfwtool.c +++ b/util/amdfwtool/amdfwtool.c @@ -2404,10 +2404,20 @@ int main(int argc, char **argv) printf(" AMDFWTOOL Using ROM size of %dKB\n", ctx.rom_size / 1024); rom_base_address = 0xFFFFFFFF - ctx.rom_size + 1; - if (efs_location && (efs_location < rom_base_address)) { + + if (efs_location & 0xFF000000) + efs_location = efs_location - rom_base_address; + if (body_location & 0xFF000000) + body_location = body_location - rom_base_address; + + if (efs_location && efs_location > ctx.rom_size) { fprintf(stderr, "Error: EFS/Directory location outside of ROM.\n\n"); return 1; } + if (body_location && body_location > ctx.rom_size) { + fprintf(stderr, "Error: Body location outside of ROM.\n\n"); + return 1; + } if (!efs_location && body_location) { fprintf(stderr, "Error AMDFW body location specified without EFS location.\n"); @@ -2431,10 +2441,6 @@ int main(int argc, char **argv) fprintf(stderr, " Require safe spacing of 256 bytes\n"); return 1; } - if (efs_location & 0xFF000000) - efs_location = efs_location - rom_base_address; - if (body_location & 0xFF000000) - body_location = body_location - rom_base_address; if (any_location) { if ((body_location & 0x3f) || (efs_location & 0x3f)) {