From 24e948f030405df945e7c0290793586d6152b5ed Mon Sep 17 00:00:00 2001
From: Michael Brown <mcb30@etherboot.org>
Date: Mon, 16 Feb 2009 00:30:48 +0000
Subject: [PATCH] [image] Avoid claiming zero-length images as valid

Both the script and PXE images types will claim a zero-length image.
Inhibit this to avoid end-user surprises.
---
 src/arch/i386/image/pxe_image.c | 6 ++++++
 src/image/script.c              | 6 ++++++
 2 files changed, 12 insertions(+)

diff --git a/src/arch/i386/image/pxe_image.c b/src/arch/i386/image/pxe_image.c
index 3b5214d7..90550d83 100644
--- a/src/arch/i386/image/pxe_image.c
+++ b/src/arch/i386/image/pxe_image.c
@@ -88,6 +88,12 @@ int pxe_load ( struct image *image ) {
 	if ( filesz > ( 0xa0000 - 0x7c00 ) )
 		return -ENOEXEC;
 
+	/* Rejecting zero-length images is also useful, since these
+	 * end up looking to the user like bugs in gPXE.
+	 */
+	if ( ! filesz )
+		return -ENOEXEC;
+
 	/* There are no signature checks for PXE; we will accept anything */
 	if ( ! image->type )
 		image->type = &pxe_image_type;
diff --git a/src/image/script.c b/src/image/script.c
index 749131d6..fe722885 100644
--- a/src/image/script.c
+++ b/src/image/script.c
@@ -94,6 +94,12 @@ static int script_load ( struct image *image ) {
 	static const char magic[] = "#!gpxe\n";
 	char test[ sizeof ( magic ) - 1 ];
 
+	/* Sanity check */
+	if ( image->len < sizeof ( test ) ) {
+		DBG ( "Too short to be a script\n" );
+		return -ENOEXEC;
+	}
+
 	/* Check for magic signature */
 	copy_from_user ( test, image->data, 0, sizeof ( test ) );
 	if ( memcmp ( test, magic, sizeof ( test ) ) != 0 ) {