From c04d68c69458526d30bd542ff2f8f83cc20ccfc5 Mon Sep 17 00:00:00 2001 From: Stephen Warren Date: Fri, 21 Sep 2012 09:50:58 +0000 Subject: [PATCH] disk: part_efi: range-check partition number Enhance get_partition_info_efi() to range-check the partition number. This prevents invalid partitions being accessed, and prevents access beyond the end of the gpt_pte[] array. Signed-off-by: Stephen Warren --- disk/part_efi.c | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/disk/part_efi.c b/disk/part_efi.c index 02927a0d9d..2962fd8f67 100644 --- a/disk/part_efi.c +++ b/disk/part_efi.c @@ -173,6 +173,13 @@ int get_partition_info_efi(block_dev_desc_t * dev_desc, int part, return -1; } + if (part > le32_to_int(gpt_head->num_partition_entries) || + !is_pte_valid(&gpt_pte[part - 1])) { + printf("%s: *** ERROR: Invalid partition number %d ***\n", + __func__, part); + return -1; + } + /* The ulong casting limits the maximum disk size to 2 TB */ info->start = (ulong) le64_to_int(gpt_pte[part - 1].starting_lba); /* The ending LBA is inclusive, to calculate size, add 1 to it */ -- 2.30.2