summaryrefslogtreecommitdiff
path: root/jffsX-utils
diff options
context:
space:
mode:
Diffstat (limited to 'jffsX-utils')
-rw-r--r--jffsX-utils/jffs2dump.c9
1 files changed, 8 insertions, 1 deletions
diff --git a/jffsX-utils/jffs2dump.c b/jffsX-utils/jffs2dump.c
index 30455ea..b757ebe 100644
--- a/jffsX-utils/jffs2dump.c
+++ b/jffsX-utils/jffs2dump.c
@@ -772,6 +772,13 @@ int main(int argc, char **argv)
exit(EXIT_FAILURE);
}
+ if (datsize < 0 || oobsize < 0 || datsize > imglen || (long)datsize + oobsize < 0) {
+ fprintf(stderr, "Error: invalid datsize/oobsize.\n");
+ free(data);
+ close (fd);
+ exit(EXIT_FAILURE);
+ }
+
if (datsize && oobsize) {
int idx = 0;
long len = imglen;
@@ -783,7 +790,7 @@ int main(int argc, char **argv)
read_nocheck (fd, oob, oobsize);
idx += datsize;
imglen -= oobsize;
- len -= datsize + oobsize;
+ len -= (long)datsize + oobsize;
}
} else {
generated by cgit v1.2.3 (git 2.39.1) at 2025-10-31 11:46:18 +0000