Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 Change-Id: Ib892c1745197ccb42d77c7bc8647f2e6b725a7dd

commit: 6ea9888d51656b3253d5dda9bcc3234f2912ad4e [log] [tgz]
author: Tianjie Xu <xunchang@google.com> Wed Jan 18 22:28:46 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Wed Jan 18 22:28:46 2017 +0000
tree: fd8ea77ea19e10e3fca4927b296d5c65463589bb
parent: 300af0779de3c2658f32e3de40adc41dae92df1e [diff]
parent: d3d5e54a45eccac59eb72d5becfa9e320403b4f5 [diff]
diff --git a/verifier.cpp b/verifier.cpp
index 61e5adf..bf7071d 100644
--- a/verifier.cpp
+++ b/verifier.cpp

@@ -144,6 +144,12 @@
     LOGI("comment is %zu bytes; signature %zu bytes from end\n",
          comment_size, signature_start);
 
+    if (signature_start > comment_size) {
+        LOGE("signature start: %zu is larger than comment size: %zu\n", signature_start,
+             comment_size);
+        return VERIFY_FAILURE;
+    }
+
     if (signature_start <= FOOTER_SIZE) {
         LOGE("Signature start is in the footer");
         return VERIFY_FAILURE;
commit	6ea9888d51656b3253d5dda9bcc3234f2912ad4e	[log] [tgz]
author	Tianjie Xu <xunchang@google.com>	Wed Jan 18 22:28:46 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Wed Jan 18 22:28:46 2017 +0000
tree	fd8ea77ea19e10e3fca4927b296d5c65463589bb
parent	300af0779de3c2658f32e3de40adc41dae92df1e [diff]
parent	d3d5e54a45eccac59eb72d5becfa9e320403b4f5 [diff]