On Wed, Aug 06, 2025 at 10:55:28PM +0530, Mukesh Ojha wrote:
> Firmware binaries may lack section headers, in which case
> the e_shentsize field in the ELF header can be zero.
>
> Update mdt_header_valid() to correctly handle this scenario
> by adjusting the validation logic accordingly.
>
As I replied earlier today on v1 (probably after you sent this), I've
applied the patch I sent out earlier for this problem.
Thanks,
Bjorn
> Fixes: 9f9967fed9d0 ("soc: qcom: mdt_loader: Ensure we don't read past the ELF header")
> Reviewed-by: Dmitry Baryshkov <dmitry.baryshkov@xxxxxxxxxxxxxxxx>
> Signed-off-by: Mukesh Ojha <mukesh.ojha@xxxxxxxxxxxxxxxx>
> ---
> Changes in v2:
> - Make this patch as first patch of the series.
> - Added R-b tag
>
> drivers/soc/qcom/mdt_loader.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/drivers/soc/qcom/mdt_loader.c b/drivers/soc/qcom/mdt_loader.c
> index 0ca268bdf1f8..2a14ba9b0fb6 100644
> --- a/drivers/soc/qcom/mdt_loader.c
> +++ b/drivers/soc/qcom/mdt_loader.c
> @@ -39,7 +39,7 @@ static bool mdt_header_valid(const struct firmware *fw)
> if (phend > fw->size)
> return false;
>
> - if (ehdr->e_shentsize != sizeof(struct elf32_shdr))
> + if (ehdr->e_shentsize && ehdr->e_shentsize != sizeof(struct elf32_shdr))
> return false;
>
> shend = size_add(size_mul(sizeof(struct elf32_shdr), ehdr->e_shnum), ehdr->e_shoff);
> --
> 2.50.1
>
