fix unchecked arithmetic in BzImage::load

Fixed unchecked arithmetic operations (addition, substraction
and multiplication) that could cause the sizes of the setup
sectors and kernel image to be incorrectly computed.

Signed-off-by: Alexandra Iordache <[email protected]>
Signed-off-by: Andreea Florescu <[email protected]>

Author: Alexandra Iordache

src/loader/x86_64/bzimage/mod.rs

@@ -26,6 +26,8 @@ use super::super::{
 pub enum Error {
     /// Invalid bzImage binary.
     InvalidBzImage,
+    /// Overflow occurred during an arithmetic operation.
+    Overflow,
     /// Unable to read bzImage header.
     ReadBzImageHeader,
     /// Unable to read bzImage compressed image.
@@ -36,17 +38,21 @@ pub enum Error {
     SeekBzImageHeader,
     /// Unable to seek to bzImage compressed kernel.
     SeekBzImageCompressedKernel,
+    /// Underflow occurred during an arithmetic operation.
+    Underflow,
 }
 
 impl fmt::Display for Error {
     fn fmt(&self, f: &mut fmt::Formatter<'_>) -> fmt::Result {
         let desc = match self {
             Error::InvalidBzImage => "Invalid bzImage",
+            Error::Overflow => "Overflow occurred during an arithmetic operation",
             Error::ReadBzImageHeader => "Unable to read bzImage header",
             Error::ReadBzImageCompressedKernel => "Unable to read bzImage compressed kernel",
             Error::SeekBzImageEnd => "Unable to seek bzImage end",
             Error::SeekBzImageHeader => "Unable to seek bzImage header",
             Error::SeekBzImageCompressedKernel => "Unable to seek bzImage compressed kernel",
+            Error::Underflow => "Underflow occurred during an arithmetic operation",
         };
 
         write!(f, "Kernel Loader: {}", desc)
@@ -130,8 +136,13 @@ impl KernelLoader for BzImage {
         if setup_size == 0 {
             setup_size = 4;
         }
-        setup_size = (setup_size + 1) * 512;
-        kernel_size -= setup_size;
+        setup_size = setup_size
+            .checked_add(1)
+            .and_then(|setup_size| setup_size.checked_mul(512))
+            .ok_or(Error::Overflow)?;
+        kernel_size = kernel_size
+            .checked_sub(setup_size)
+            .ok_or(Error::Underflow)?;
 
         // Check that `code32_start`, the default address of the kernel, is not lower than high
         // memory.