aboutsummaryrefslogtreecommitdiff
path: root/libfdt/fdt_check.c
AgeCommit message (Collapse)AuthorFilesLines
2022-07-30libfdt: Don't mask fdt_get_name() returned errorPierre-Clément Tosi1-1/+4
Return the error code from fdt_get_name() (contained in len when the result is NULL) instead of masking it with FDT_ERR_BADSTRUCTURE. Fixes: fda71da26e7f ("libfdt: Handle failed get_name() on BEGIN_NODE") Reported-by: Mike McTernan <mikemcternan@google.com> Signed-off-by: Pierre-Clément Tosi <ptosi@google.com> Message-Id: <20220729130019.804288-1-ptosi@google.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2022-07-26libfdt: Handle failed get_name() on BEGIN_NODEPierre-Clément Tosi1-1/+1
Validate the return value of fdt_get_name() as an ill-formed DT, causing it to fail, could result in fdt_check_full() dereferencing NULL. fixes: a2def5479950 ("libfdt: Check that the root-node name is empty") Signed-off-by: Pierre-Clément Tosi <ptosi@google.com> Message-Id: <20220714083848.958492-1-ptosi@google.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-03-23libfdt: Check that the root-node name is emptySimon Glass1-0/+10
The root node is supposed to have an empty name, but at present this is not checked. The behaviour of such a tree is not well defined. Most software rightly assumes that the root node is at offset 0 and does not check the name. This oddity was discovered as part of a security investigation into U-Boot verified boot. Add a check for this to fdt_check_full(). Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com> Message-Id: <20210323010410.3222701-2-sjg@chromium.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2021-03-23libfdt: Check that there is only one root nodeSimon Glass1-0/+7
At present it is possible to have two root nodes and even access nodes in the 'second' root. Such trees should not be considered valid. This was discovered as part of a security investigation into U-Boot verified boot. Add a check for this to fdt_check_full(). Signed-off-by: Simon Glass <sjg@chromium.org> Reported-by: Arie Haenel <arie.haenel@intel.com> Reported-by: Julien Lenoir <julien.lenoir@intel.com> Message-Id: <20210323000926.3210733-1-sjg@chromium.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-07-10libfdt: fix fdt_check_full buffer overrunPatrick Oppenlander1-0/+2
fdt_check_header assumes that its argument points to a complete header and can read data beyond the FDT_V1_SIZE bytes which fdt_check_full can provide. fdt_header_size can safely return a header size with FDT_V1_SIZE bytes available and will return a usable value even for a corrupted header. Signed-off-by: Patrick Oppenlander <patrick.oppenlander@gmail.com> Message-Id: <20200709041451.338548-1-patrick.oppenlander@gmail.com> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2020-02-24libfdt: Allow exclusion of fdt_check_full()Simon Glass1-0/+74
This function is used to perform a full check of the device tree. Allow it to be excluded if all assumptions are enabled. Signed-off-by: Simon Glass <sjg@chromium.org> Reviewed-by: David Gibson <david@gibson.dropbear.id.au> Message-Id: <20200220214557.176528-9-sjg@chromium.org> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
generated by cgit v1.1 at 2025-08-10 00:49:33 +0000