Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51 am: a055eb93c3 am: 15ca2a4763 am: ca50d7b66a
am: 64f0de7a13

Change-Id: I3b67824479c820d06e84e6611e4aff87265dab11
diff --git a/verifier.cpp b/verifier.cpp
index 16cc7cf..2d1b0e7 100644
--- a/verifier.cpp
+++ b/verifier.cpp
@@ -146,6 +146,12 @@
     LOGI("comment is %zu bytes; signature %zu bytes from end\n",
          comment_size, signature_start);
 
+    if (signature_start > comment_size) {
+        LOGE("signature start: %zu is larger than comment size: %zu\n", signature_start,
+             comment_size);
+        return VERIFY_FAILURE;
+    }
+
     if (signature_start <= FOOTER_SIZE) {
         LOGE("Signature start is in the footer");
         return VERIFY_FAILURE;