Received: by 10.213.65.68 with SMTP id h4csp1573404imn;
        Thu, 15 Mar 2018 03:45:06 -0700 (PDT)
X-Google-Smtp-Source: AG47ELs77TIfWhXwQaGWDFjx0Q1tepuhZzPtdOlmduN7hAtAc2ZgmS1dc/GTPDXbv5epWaQJjUZi
X-Received: by 2002:a17:902:a987:: with SMTP id bh7-v6mr537563plb.35.1521110706555;
        Thu, 15 Mar 2018 03:45:06 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1521110706; cv=none;
        d=google.com; s=arc-20160816;
        b=lhOMcWtcebbbnTe2cd63hLqD/BY9F9+XfndpHLtjcO7PkYSxWS2BKR0bdsWh7+tcD/
         Hxu82+MLe16HN3WSdacpTaYTsBJRJq1V1ns/KwaPsWM5Nakpqiun5saBrDHI5irlirZp
         HfyoFp1dTAuOBF+IGdOJsbVdlvAZqCSYuya4A1SSfI3as5Uh4R2qZKjfclULJB266vmi
         PLeKFOKoHDSmY64LYQdNEWCdwGJk/GOqlJY+Pqlfkd6nBjrqvL3ZL2llkOS0zrKMJnCk
         1vqrV0I5UcY4miOgvPNIOtSYOXZkVU22qGeWKQFZNhAppAGKxHQWdXiGfNbbeT0cIKLR
         0d5w==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:arc-authentication-results;
        bh=AvBp1pMXHscG+fTG+zjQAY3RpwVAYToEYxCuAo5nyWw=;
        b=f32Lrp+wKO5OtpokTBmbOUDp3rA2dhOEPjf/eQ4rPYdbPmtsTv1301nuSVHvztQpfD
         K/6Ms1Gcvaq/8qcb4XEgvDPVdEmRAJuMZB1RblGKkax/SQgwmiD6kdUH5rrteeRxDX+P
         LgfDoBGxiMRgJiIgHyhsbNT7Jfpft0YmPQqfMSt+U2egiAOwRfQBYXkmVDEaANHxi0Fs
         zuWyj6LEaSlcTGaUVgKd8xXIsY3hcJJDd0GjIK6bHayOTPvr5cR+ty31RIzzpoko/W1v
         3tiJ1ZzY7k7rHu/rrk27hU+6MEN5TUvIE71e8Ymw7su1dvKZxY9xeU4PkXdd/WMgLunF
         dzUg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id n3si3236732pgp.102.2018.03.15.03.44.52;
        Thu, 15 Mar 2018 03:45:06 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752038AbeCOKn1 (ORCPT <rfc822;uzarths@gmail.com> + 99 others);
        Thu, 15 Mar 2018 06:43:27 -0400
Received: from mail.skyhub.de ([5.9.137.197]:33536 "EHLO mail.skyhub.de"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1751757AbeCOKnZ (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Thu, 15 Mar 2018 06:43:25 -0400
X-Virus-Scanned: Nedap ESD1 at mail.skyhub.de
Received: from mail.skyhub.de ([127.0.0.1])
        by localhost (blast.alien8.de [127.0.0.1]) (amavisd-new, port 10026)
        with ESMTP id gEeiHhdZdP-S; Thu, 15 Mar 2018 11:43:09 +0100 (CET)
Received: from pd.tnic (p200300EC2BC921000DB0D181F40EDD09.dip0.t-ipconnect.de [IPv6:2003:ec:2bc9:2100:db0:d181:f40e:dd09])
        (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
        (No client certificate requested)
        by mail.skyhub.de (SuperMail on ZX Spectrum 128k) with ESMTPSA id E20D81EC05DE;
        Thu, 15 Mar 2018 11:43:08 +0100 (CET)
Date:   Thu, 15 Mar 2018 11:42:46 +0100
From:   Borislav Petkov <bp@alien8.de>
To:     "Maciej S. Szmigiero" <mail@maciej.szmigiero.name>
Cc:     Thomas Gleixner <tglx@linutronix.de>,
        Ingo Molnar <mingo@redhat.com>,
        "H. Peter Anvin" <hpa@zytor.com>, x86@kernel.org,
        linux-kernel@vger.kernel.org
Subject: Re: [PATCH v3 2/9] x86/microcode/AMD: check whether the equivalence
 table fits in the file
Message-ID: <20180315104246.GE27816@pd.tnic>
References: <cover.1520973389.git.mail@maciej.szmigiero.name>
 <e2de27e0-6250-a10f-8d08-99c0c8d417ba@maciej.szmigiero.name>
 <20180314170457.GE16605@pd.tnic>
 <863eeb13-1c67-da37-6862-610a1204d648@maciej.szmigiero.name>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <863eeb13-1c67-da37-6862-610a1204d648@maciej.szmigiero.name>
User-Agent: Mutt/1.9.3 (2018-01-21)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Thu, Mar 15, 2018 at 12:34:09AM +0100, Maciej S. Szmigiero wrote:
> 'size' here is the length of the whole CPIO blob containing all
> containers combined (well, the remaining part of it).
> 
> If we skip over 'size' bytes we'll have nothing left to parse.

Well, if

	size < eqiv_tbl_len + CONTAINER_HDR_SZ

then you really have nothing else to parse.

Come to think of it, if the whole blob is truncated like that, we
shouldn't trust it at all and stop looking at it. So yes, "return size"
is the right thing to do but for a different reason.

-- 
Regards/Gruss,
    Boris.

Good mailing practices for 400: avoid top-posting and trim the reply.