diff --git a/apps/codecs.c b/apps/codecs.c index d12b43642f..d8ad7146df 100644 --- a/apps/codecs.c +++ b/apps/codecs.c @@ -243,7 +243,8 @@ int codec_load_ram(char* codecptr, int size, void* ptr2, int bufwrap, } hdr = (struct codec_header *)codecbuf; - if (hdr->magic != CODEC_MAGIC + if (size <= (signed)sizeof(struct codec_header) + || hdr->magic != CODEC_MAGIC || hdr->target_id != TARGET_ID || hdr->load_addr != codecbuf || hdr->end_addr > codecbuf + CODEC_SIZE) { @@ -258,8 +259,7 @@ int codec_load_ram(char* codecptr, int size, void* ptr2, int bufwrap, if (hdr == NULL || hdr->magic != CODEC_MAGIC - || hdr->target_id != TARGET_ID - || hdr->entry_point == NULL) { + || hdr->target_id != TARGET_ID) { sim_codec_close(pd); return CODEC_ERROR; } diff --git a/apps/plugin.c b/apps/plugin.c index a6b9703f1a..44eb0dc04c 100644 --- a/apps/plugin.c +++ b/apps/plugin.c @@ -399,8 +399,7 @@ int plugin_load(const char* plugin, void* parameter) } if (hdr == NULL || hdr->magic != PLUGIN_MAGIC - || hdr->target_id != TARGET_ID - || hdr->entry_point == NULL) { + || hdr->target_id != TARGET_ID) { sim_plugin_close(fd); gui_syncsplash(HZ*2, true, str(LANG_PLUGIN_WRONG_MODEL)); return -1; @@ -423,13 +422,14 @@ int plugin_load(const char* plugin, void* parameter) readsize = read(fd, pluginbuf, PLUGIN_BUFFER_SIZE); close(fd); - if (readsize <= (signed)sizeof(struct plugin_header)) { + if (readsize < 0) { gui_syncsplash(HZ*2, true, str(LANG_READ_FAILED), plugin); return -1; } hdr = (struct plugin_header *)pluginbuf; - if (hdr->magic != PLUGIN_MAGIC + if ((unsigned)readsize <= sizeof(struct plugin_header) + || hdr->magic != PLUGIN_MAGIC || hdr->target_id != TARGET_ID || hdr->load_addr != pluginbuf || hdr->end_addr > pluginbuf + PLUGIN_BUFFER_SIZE) {