uefisign: fix SizeOfHeaders sanity check.

This check was too aggressive: it is fine if SizeOfHeaders is exactly
equal to the size of the DOS stub + PE header + section table. Despite
being wrong this code typically worked for most EFI binaries because
SizeOfHeaders is rounded up to a multiple of FileAlignment, which is
often large (e.g., 512 bytes for the FreeBSD loader) so most binaries
made it through.

Reviewed by:	imp@
Sponsored by:	Netflix
Pull Request:	https://github.com/freebsd/freebsd-src/pull/445

diff --git a/usr.sbin/uefisign/pe.c b/usr.sbin/uefisign/pe.c
index 6459321441d8d06501758a8b05343800633352cb..09b5edd56ab79819f3302479713df5052b181cab 100644 (file)
--- a/usr.sbin/uefisign/pe.c
+++ b/usr.sbin/uefisign/pe.c
@@ -232,7 +232,7 @@ parse_section_table(struct executable *x, off_t off, int number_of_sections)
        range_check(x, off, sizeof(*psh) * number_of_sections,
            "section table");
 
-       if (x->x_headers_len <= off + sizeof(*psh) * number_of_sections)
+       if (x->x_headers_len < off + sizeof(*psh) * number_of_sections)
                errx(1, "section table outside of headers");
 
        psh = (const struct pe_section_header *)(x->x_buf + off);