From a37553d06bf64bdc70d3f167fdffbce86d54d925 Mon Sep 17 00:00:00 2001
From: Russell King <rmk@armlinux.org.uk>
Date: Thu, 29 Mar 2018 22:01:01 +0100
Subject: ARM: ensure kernel size tag is sized appropriately

Ensure that the kernel size tag is an appropriate size before using
the information contained within it.

Signed-off-by: Russell King <rmk@armlinux.org.uk>
---
 kexec/arch/arm/kexec-zImage-arm.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kexec/arch/arm/kexec-zImage-arm.c b/kexec/arch/arm/kexec-zImage-arm.c
index 8b474dd..7457596 100644
--- a/kexec/arch/arm/kexec-zImage-arm.c
+++ b/kexec/arch/arm/kexec-zImage-arm.c
@@ -669,7 +669,7 @@ int zImage_arm_load(int argc, char **argv, const char *buf, off_t len,
 
 	dbgprintf("zImage requires 0x%08llx bytes\n", (unsigned long long)len);
 
-	if (tag) {
+	if (tag && tag->hdr.size >= 2) {
 		uint32_t *p = (void *)buf + le32_to_cpu(tag->u.krnl_size.size_ptr);
 		uint32_t edata_size = le32_to_cpu(get_unaligned(p));
 		uint32_t bss_size = le32_to_cpu(tag->u.krnl_size.bss_size);
-- 
cgit