From c88181a7dfb91b59a9959066f942c134c2162353 Mon Sep 17 00:00:00 2001
From: Holger Hans Peter Freyther <zecke@selfish.org>
Date: Mon, 22 Mar 2010 09:51:43 +0100
Subject: ipa-firmware: Look at the table offset

* The two dummy bytes appear to be an offset, check that
  they are zero and refuse to work when they are not.
---
 openbsc/src/ipaccess/ipaccess-firmware.c | 7 +++++++
 1 file changed, 7 insertions(+)

(limited to 'openbsc/src/ipaccess')

diff --git a/openbsc/src/ipaccess/ipaccess-firmware.c b/openbsc/src/ipaccess/ipaccess-firmware.c
index e0695a629..4975b8865 100644
--- a/openbsc/src/ipaccess/ipaccess-firmware.c
+++ b/openbsc/src/ipaccess/ipaccess-firmware.c
@@ -74,6 +74,13 @@ int ipaccess_analyze_file(int fd, const unsigned int st_size, const unsigned int
 	INIT_LLIST_HEAD(&header->header_list);
 	llist_add(&header->entry, list);
 
+	if (ntohs(firmware_header->table_offset) != 0) {
+		fprintf(stderr, "The table offset is not zero. That is not supported: 0x%x at 0x%x\n",
+			ntohs(firmware_header->table_offset), base_offset);
+		return -1;
+	}
+
+
 	if (ntohs(firmware_header->part_length) % PART_LENGTH != 0) {
 		fprintf(stderr, "The part length seems to be wrong.\n");
 		return -1;
-- 
cgit v1.2.3