[OpenWrt-Devel] [PATCH] mkrasimage: fix segmentation fault

michael at turf.org michael at turf.org
Sat Feb 22 09:20:49 EST 2020


Code was attempting to determine the size of the file
before it was actually known and allocating insufficient
memory space.  Images above a certain size caused a
segmentation fault.  Moving the calloc() ensured ensured
that large images didn't result in a buffer overflow on
memcpy().
    
Signed-off-by: Michael T Farnworth <michael at turf.org>

diff --git a/tools/firmware-utils/src/mkrasimage.c b/tools/firmware-utils/src/mkrasimage.c
index cff3a533d1..d8cec527fb 100644
--- a/tools/firmware-utils/src/mkrasimage.c
+++ b/tools/firmware-utils/src/mkrasimage.c
@@ -317,6 +317,16 @@ int build_image()
         map_file(&kernel);
     map_file(&rootfs);
 
+    /* As ZyXEL Web-GUI only accept images with a rootfs equal or larger than the first firmware shipped
+     * for the device, we need to pad rootfs partition to this size. To perform further calculations, we
+     * decide the size of this part here. In case the rootfs we want to integrate in our image is larger,
+     * take it's size, otherwise the supplied size.
+     *
+     * Be careful! We rely on assertion of correct size to be performed beforehand. It is unknown if images
+     * with a to large rootfs are accepted or not.
+     */
+    rootfs_out.size = rootfs_size < rootfs.size ? rootfs.size : rootfs_size;
+
     /*
      * Allocate memory and copy input rootfs for temporary output rootfs.
      * This is important as we have to generate the rootfs checksum over the
@@ -451,14 +461,5 @@ int main(int argc, char *argv[])
     if (ret)
         usage(EXIT_FAILURE);
 
-    /* As ZyXEL Web-GUI only accept images with a rootfs equal or larger than the first firmware shipped
-     * for the device, we need to pad rootfs partition to this size. To perform further calculations, we
-     * decide the size of this part here. In case the rootfs we want to integrate in our image is larger,
-     * take it's size, otherwise the supplied size.
-     *
-     * Be careful! We rely on assertion of correct size to be performed beforehand. It is unknown if images
-     * with a to large rootfs are accepted or not.
-     */
-    rootfs_out.size = rootfs_size < rootfs.size ? rootfs.size : rootfs_size;
     return build_image();
 }

_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel



More information about the openwrt-devel mailing list