diff options
author | David Gibson <david@gibson.dropbear.id.au> | 2016-10-02 17:59:26 -0600 |
---|---|---|
committer | Simon Glass <sjg@chromium.org> | 2016-10-13 13:54:10 -0600 |
commit | 491c7b6f42a8101f1e84cf8e13a0e23b5eca729e (patch) | |
tree | e823ddccede6edbf22cdffdebac66c63b2b05fec /include/libfdt.h | |
parent | ef47683646516002694729986d19713e49b903e3 (diff) |
libfdt: Fix undefined behaviour in fdt_offset_ptr()
Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C. Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.
To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.
Reported-by: David Binderman <dcb314@hotmail.com>
Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Signed-off-by: Simon Glass <sjg@chromium.org>
Diffstat (limited to 'include/libfdt.h')
0 files changed, 0 insertions, 0 deletions