discover/platform-powerpc: limit mailbox response size

The maximum size of the mailbox with Boot Initiator info is defined in
the specification (1). The code should not extract data from the IPMI
response message if its size exceeds the maximum limit from the
specification.

[1] page 398, IPMI Specification v2.0, Revision 1.1, October 1, 2013

Signed-off-by: Maxim Polyakov <m.polyakov@yadro.com>

discover/platform-powerpc.c

@@ -461,24 +461,27 @@ static int get_ipmi_boot_mailbox_block(struct platform_powerpc *platform,
 		return -1;
 	}
 
-	if (resp_len < sizeof(resp)) {
-		if (resp_len < 4) {
-			pb_log("platform: unexpected length (%d) in "
-					"boot options mailbox response\n",
-					resp_len);
-			return -1;
-		}
+	if (resp_len > sizeof(resp)) {
+		pb_debug("platform: invalid mailbox response size!\n");
+		return -1;
+	}
 
-		if (resp_len == 4) {
-			pb_debug_fn("block %hu empty\n", block);
-			return 0;
-		}
+	if (resp_len < 4) {
+		pb_log("platform: unexpected length (%d) in "
+				"boot options mailbox response\n",
+				resp_len);
+		return -1;
+	}
 
-		blocksize = sizeof(resp) - 4;
-		pb_debug_fn("Mailbox block %hu returns only %zu bytes in block\n",
-				block, blocksize);
+	if (resp_len == 4) {
+		pb_debug_fn("block %hu empty\n", block);
+		return 0;
 	}
 
+	blocksize = sizeof(resp) - 4;
+	pb_debug_fn("Mailbox block %hu returns only %zu bytes in block\n",
+			block, blocksize);
+
 	debug_buf = format_buffer(platform, resp, resp_len);
 	pb_debug_fn("IPMI bootdev mailbox block %hu:\n%s\n", block, debug_buf);
 	talloc_free(debug_buf);