Google Git
Sign in
fuchsia / third_party / dtc / d4c7c25c9ed138df8bafbe61097c27c9d2629ee3
commitd4c7c25c9ed138df8bafbe61097c27c9d2629ee3[log] [tgz]
authorCourtney Cavin <courtney.cavin@sonymobile.com>Tue Dec 01 16:43:10 2015 -0800
committerDavid Gibson <david@gibson.dropbear.id.au>Wed Dec 02 13:11:11 2015 +1100
tree9a37858d7e0fea7d58c89a258c7ca346b3511fa5
parentf58799be130e27cc729cb2d45566daa0bb3b8605 [diff]
libfdt: check for potential overrun in _fdt_splice()

This patch catches the conditions where:
 - 'splicepoint' is set to a point outside of [ fdt, fdt_totalsize(fdt) )
 - 'newlen' is negative, or 'splicepoint' plus 'newlen' results in overflow

Either of these cases can be caused by math which overflows in calling
functions, or by sizes specified through dynamic means.

Signed-off-by: Courtney Cavin <courtney.cavin@sonymobile.com>
Signed-off-by: Bjorn Andersson <bjorn.andersson@sonymobile.com>
1 file changed
tree: 9a37858d7e0fea7d58c89a258c7ca346b3511fa5
  1. Documentation/
  2. libfdt/
  3. scripts/
  4. tests/
  5. .gitignore
  6. .travis.yml
  7. checks.c
  8. convert-dtsv0-lexer.l
  9. data.c
  10. dtc-lexer.l
  11. dtc-parser.y
  12. dtc.c
  13. dtc.h
  14. dtdiff
  15. fdtdump.c
  16. fdtget.c
  17. fdtput.c
  18. flattree.c
  19. fstree.c
  20. GPL
  21. livetree.c
  22. Makefile
  23. Makefile.convert-dtsv0
  24. Makefile.dtc
  25. Makefile.utils
  26. README
  27. README.license
  28. srcpos.c
  29. srcpos.h
  30. TODO
  31. treesource.c
  32. util.c
  33. util.h