kernel: deny unexpected offset value for signing check

tiann · Mar 29, 2024 · 97ee114 · 97ee114
1 parent 869cd50
commit 97ee114
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/kernel/apk_sign.c b/kernel/apk_sign.c
@@ -264,7 +264,12 @@ static __always_inline bool check_v2_signature(char *path,
 			pr_info("Unknown singature block id: 0x%08x\n", id);
 			goto clean;
 		}
-		pos += (size8 - offset);
+		u64 next = size8 - offset;
+		if (next == 0) {
+			pr_warn("Unexpeced offset value!\n");
+			goto clean;
+		}
+		pos += next;
 	}
 
 	if (v2_signing_blocks != 1) {