From e7d668502c2f3cb1f29aef6dd7beb356b3a84c1c Mon Sep 17 00:00:00 2001
From: osm0sis <osm0sis@outlook.com>
Date: Sun, 3 Nov 2019 04:22:21 -0500
Subject: [PATCH] SignBoot: improve error catching/reporting - `!= remain`
 shouldn't indicate "not signed", it should indicate a read error as with `!=
 hdr.length` - attempt to catch unsigned images at signature read, before they
 make it to `BootSignature bootsig = new BootSignature(signature);` and result
 in the following:     java.io.IOException: unexpected end-of-contents marker 
            at org.bouncycastle.asn1.ASN1InputStream.readObject(Unknown
 Source:14)             at
 com.topjohnwu.signing.SignBoot$BootSignature.<init>(SignBoot.java:230)       
      at com.topjohnwu.signing.SignBoot.verifySignature(SignBoot.java:139)    
         at com.topjohnwu.signing.BootSigner.main(BootSigner.java:15)         
    at a.a.main(a.java:20)

---
 .../main/java/com/topjohnwu/signing/SignBoot.java | 15 ++++++++++-----
 1 file changed, 10 insertions(+), 5 deletions(-)

diff --git a/signing/src/main/java/com/topjohnwu/signing/SignBoot.java b/signing/src/main/java/com/topjohnwu/signing/SignBoot.java
index c7347b2b7..b717df9b2 100644
--- a/signing/src/main/java/com/topjohnwu/signing/SignBoot.java
+++ b/signing/src/main/java/com/topjohnwu/signing/SignBoot.java
@@ -33,10 +33,10 @@ public class SignBoot {
     private static final int BOOT_IMAGE_HEADER_V1_RECOVERY_DTBO_SIZE_OFFSET = 1632;
     private static final int BOOT_IMAGE_HEADER_V2_DTB_SIZE_OFFSET = 1648;
 
-    /* Arbitrary maximum header version value; when greater assume the field is dt/extra size */
+    // Arbitrary maximum header version value; when greater assume the field is dt/extra size
     private static final int BOOT_IMAGE_HEADER_VERSION_MAXIMUM = 8;
 
-    /* Maximum header size byte value to read (bootimg minimum page size) */
+    // Maximum header size byte value to read (currently the bootimg minimum page size)
     private static final int BOOT_IMAGE_HEADER_SIZE_MAXIMUM = 2048;
 
     private static class PushBackRWStream extends FilterInputStream {
@@ -120,21 +120,26 @@ public class SignBoot {
         try {
             // Read the header for size
             byte[] hdr = new byte[BOOT_IMAGE_HEADER_SIZE_MAXIMUM];
-            if (imgIn.read(hdr) != hdr.length)
+            if (imgIn.read(hdr) != hdr.length) {
+                System.err.println("Unable to read image header");
                 return false;
+            }
             int signableSize = getSignableImageSize(hdr);
 
             // Read the rest of the image
             byte[] rawImg = Arrays.copyOf(hdr, signableSize);
             int remain = signableSize - hdr.length;
             if (imgIn.read(rawImg, hdr.length, remain) != remain) {
-                System.err.println("Invalid image: not signed");
+                System.err.println("Unable to read image");
                 return false;
             }
 
             // Read footer, which contains the signature
             byte[] signature = new byte[4096];
-            imgIn.read(signature);
+            if (imgIn.read(signature) == -1) {
+                System.err.println("Invalid image: not signed");
+                return false;
+            }
 
             BootSignature bootsig = new BootSignature(signature);
             if (certIn != null) {