git.openwrt.org Git - project/bcm63xx/u-boot.git/commit

projects / project / bcm63xx / u-boot.git / commit

author	David Gibson <[email protected]>
	Sun, 2 Oct 2016 23:59:26 +0000 (17:59 -0600)
committer	Simon Glass <[email protected]>
	Thu, 13 Oct 2016 19:54:10 +0000 (13:54 -0600)
commit	491c7b6f42a8101f1e84cf8e13a0e23b5eca729e
tree	e823ddccede6edbf22cdffdebac66c63b2b05fec	tree \| snapshot
parent	ef47683646516002694729986d19713e49b903e3	commit \| diff

libfdt: Fix undefined behaviour in fdt_offset_ptr()

Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C. Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.

To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.

Reported-by: David Binderman <[email protected]>
Signed-off-by: David Gibson <[email protected]>
Signed-off-by: Simon Glass <[email protected]>

lib/libfdt/fdt.c

diff | blob | history

Broadcom-s U-Boot

RSS Atom