Add a checker for signature boundary in verifier am: 54ea136fde am: 0a34b17c8b am: fb80b4f72d am: d3d5e54a45 am: 6ea9888d51 am: a055eb93c3 am: 15ca2a4763 am: ca50d7b66a am: 64f0de7a13 am: e4ec60e045 am: e0d3b0ceab Change-Id: I2b483f4cd082ef6cc0d9839c576a05161d980728

commit: f1278966750d17e2be69ced79396cdd3ffab3e94 [log] [tgz]
author: Tianjie Xu <xunchang@google.com> Wed Jan 18 22:42:18 2017 +0000
committer: android-build-merger <android-build-merger@google.com> Wed Jan 18 22:42:18 2017 +0000
tree: 6199a1cc963c610149efb737043fdaee80244f08
parent: 14bdbb6c7703854d2f8f4bafd19a4c2013c1d6ee [diff]
parent: e0d3b0ceab7de3ada458b698a8162cee47781dff [diff]
diff --git a/verifier.cpp b/verifier.cpp
index 16cc7cf..2d1b0e7 100644
--- a/verifier.cpp
+++ b/verifier.cpp

@@ -146,6 +146,12 @@
     LOGI("comment is %zu bytes; signature %zu bytes from end\n",
          comment_size, signature_start);
 
+    if (signature_start > comment_size) {
+        LOGE("signature start: %zu is larger than comment size: %zu\n", signature_start,
+             comment_size);
+        return VERIFY_FAILURE;
+    }
+
     if (signature_start <= FOOTER_SIZE) {
         LOGE("Signature start is in the footer");
         return VERIFY_FAILURE;
commit	f1278966750d17e2be69ced79396cdd3ffab3e94	[log] [tgz]
author	Tianjie Xu <xunchang@google.com>	Wed Jan 18 22:42:18 2017 +0000
committer	android-build-merger <android-build-merger@google.com>	Wed Jan 18 22:42:18 2017 +0000
tree	6199a1cc963c610149efb737043fdaee80244f08
parent	14bdbb6c7703854d2f8f4bafd19a4c2013c1d6ee [diff]
parent	e0d3b0ceab7de3ada458b698a8162cee47781dff [diff]