Daniel Golle 27adf03f70 uboot-tools: validate all uImage.FIT sub-images ...

uImage.FIT validation was restricted to certain sub-image types
which is problematic as it then won't validate eg. 'filesystem' type
subimages. Also prevent decompressing sub-images into a arbitrary
sized buffer just to then free that buffer -- there is not need to
do this and creating malicious compressed payloads which overflow the
buffer is too easy.

Signed-off-by: Daniel Golle <daniel@makrotopia.org>

2025-04-24 06:43:59 +01:00

3.7 KiB

Raw Permalink Blame History

View Raw