Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51 am: a055eb93c3 am: 15ca2a4763 am: ca50d7b66a am: 64f0de7a13 am: e4ec60e045 am: e0d3b0ceab Change-Id: I4fe8bdd81f8250b862b0018f0a52a76d37ee9d88

commit: 8a45adb24393bca4f03f1b12e74ae4961fd1d72b [log] [tgz]
author: Tianjie Xu <xunchang@google.com> Wed Jan 18 22:42:19 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Wed Jan 18 22:42:19 2017 +0000
tree: bedafec347c1800119dbab70539c428ff9ffb66c
parent: 54890af615c0f5a1cd052770bf96bf0227102802 [diff]
parent: e0d3b0ceab7de3ada458b698a8162cee47781dff [diff]
diff --git a/verifier.cpp b/verifier.cpp
index 44098f7..22f1523 100644
--- a/verifier.cpp
+++ b/verifier.cpp

@@ -147,6 +147,12 @@
     LOG(INFO) << "comment is " << comment_size << " bytes; signature is " << signature_start
               << " bytes from end";
 
+    if (signature_start > comment_size) {
+        LOGE("signature start: %zu is larger than comment size: %zu\n", signature_start,
+             comment_size);
+        return VERIFY_FAILURE;
+    }
+
     if (signature_start <= FOOTER_SIZE) {
         LOG(ERROR) << "Signature start is in the footer";
         return VERIFY_FAILURE;
commit	8a45adb24393bca4f03f1b12e74ae4961fd1d72b	[log] [tgz]
author	Tianjie Xu <xunchang@google.com>	Wed Jan 18 22:42:19 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Wed Jan 18 22:42:19 2017 +0000
tree	bedafec347c1800119dbab70539c428ff9ffb66c
parent	54890af615c0f5a1cd052770bf96bf0227102802 [diff]
parent	e0d3b0ceab7de3ada458b698a8162cee47781dff [diff]