Skip to content
Snippets Groups Projects
Commit 491c7b6f authored by David Gibson's avatar David Gibson Committed by Simon Glass
Browse files

libfdt: Fix undefined behaviour in fdt_offset_ptr() 


Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C.  Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.

To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.

Reported-by: default avatarDavid Binderman <dcb314@hotmail.com>
Signed-off-by: default avatarDavid Gibson <david@gibson.dropbear.id.au>
Signed-off-by: default avatarSimon Glass <sjg@chromium.org>
parent ef476836
No related branches found
No related tags found
Hide whitespace changes
Inline Side-by-side
Showing
with 7 additions and 6 deletions
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment