From f69e6a9475983b2ad46729e44ab58d2b22cd74d0 Mon Sep 17 00:00:00 2001
From: Tianjie Xu <xunchang@google.com>
Date: Fri, 16 Dec 2016 14:27:55 -0800
Subject: Add a checker for signature boundary in verifier

The 'signature_start' variable marks the location of the signature
from the end of a zip archive. And a boundary check is missing where
'signature_start' should be within the EOCD comment field. This causes
problems when sideloading a malicious package. Also add a corresponding
test.

Bug: 31914369
Test: Verification fails correctly when sideloading recovery_test.zip on
angler.

Change-Id: I6ea96bf04dac5d8d4d6719e678d504f957b4d5c1
---
 tests/component/verifier_test.cpp     |   3 ++-
 tests/testdata/signature-boundary.zip | Bin 0 -> 22 bytes
 2 files changed, 2 insertions(+), 1 deletion(-)
 create mode 100644 tests/testdata/signature-boundary.zip

(limited to 'tests')

diff --git a/tests/component/verifier_test.cpp b/tests/component/verifier_test.cpp
index 33aadb3fb..8d8b461cb 100644
--- a/tests/component/verifier_test.cpp
+++ b/tests/component/verifier_test.cpp
@@ -155,4 +155,5 @@ INSTANTIATE_TEST_CASE_P(BadPackage, VerifierFailureTest,
             std::vector<std::string>({"random.zip", "v1"}),
             std::vector<std::string>({"fake-eocd.zip", "v1"}),
             std::vector<std::string>({"alter-metadata.zip", "v1"}),
-            std::vector<std::string>({"alter-footer.zip", "v1"})));
+            std::vector<std::string>({"alter-footer.zip", "v1"}),
+            std::vector<std::string>({"signature-boundary.zip", "v1"})));
diff --git a/tests/testdata/signature-boundary.zip b/tests/testdata/signature-boundary.zip
new file mode 100644
index 000000000..64a3cfa15
Binary files /dev/null and b/tests/testdata/signature-boundary.zip differ
-- 
cgit v1.2.3