From fb805caf6a62a5b0f9fd0c8183b8e6eed7b46bc5 Mon Sep 17 00:00:00 2001
From: Leah Rowe <leah@libreboot.org>
Date: Fri, 6 Mar 2026 19:40:28 +0000
Subject: util/nvmutil: extra part check in set_checksum

it calls word() anyway, but we should still check it here,
since this is quite a critical function.

the other bound checks are done by word(), which this
function uses to add everything up.

Signed-off-by: Leah Rowe <leah@libreboot.org>
---
 util/nvmutil/nvmutil.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index dfdbac20..9c8f678a 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -617,6 +617,9 @@ set_checksum(size_t p)
 	size_t c;
 	uint16_t val16 = 0;
 
+	if (p > 1)
+		err(ECANCELED, "Bad part num %zu (must be 0 or 1)", p);
+
 	for (c = 0; c < NVM_CHECKSUM_WORD; c++)
 		val16 += word(c, p);
 
-- 
cgit v1.2.1