From 97ee114aa507775276d1b4adb68c94d7a7ea8e39 Mon Sep 17 00:00:00 2001
From: weishu <twsxtd@gmail.com>
Date: Fri, 29 Mar 2024 14:28:51 +0800
Subject: [PATCH] kernel: deny unexpected offset value for signing check

---
 kernel/apk_sign.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/kernel/apk_sign.c b/kernel/apk_sign.c
index fb5cdb25a135..eb1f3f6f277c 100644
--- a/kernel/apk_sign.c
+++ b/kernel/apk_sign.c
@@ -264,7 +264,12 @@ static __always_inline bool check_v2_signature(char *path,
 			pr_info("Unknown singature block id: 0x%08x\n", id);
 			goto clean;
 		}
-		pos += (size8 - offset);
+		u64 next = size8 - offset;
+		if (next == 0) {
+			pr_warn("Unexpeced offset value!\n");
+			goto clean;
+		}
+		pos += next;
 	}
 
 	if (v2_signing_blocks != 1) {