aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStewart Smith <stewart@linux.vnet.ibm.com>2015-11-17 16:57:40 +1100
committerStewart Smith <stewart@linux.vnet.ibm.com>2015-11-17 16:57:40 +1100
commit14ed2b842f61cfc234a274c5f626d7d8f81e7aa9 (patch)
treedbabcfa6cfbd1f16c83753eb5dd746f8954695ea
parent5af6acab5ccd0fe2aa1686c502580e984887c62c (diff)
downloadskiboot-14ed2b842f61cfc234a274c5f626d7d8f81e7aa9.zip
skiboot-14ed2b842f61cfc234a274c5f626d7d8f81e7aa9.tar.gz
skiboot-14ed2b842f61cfc234a274c5f626d7d8f81e7aa9.tar.bz2
libfdt: add basic sanity check to fdt_open_into
Signed-off-by: Stewart Smith <stewart@linux.vnet.ibm.com>
-rw-r--r--libfdt/fdt_rw.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/libfdt/fdt_rw.c b/libfdt/fdt_rw.c
index 994037b..befe87d 100644
--- a/libfdt/fdt_rw.c
+++ b/libfdt/fdt_rw.c
@@ -425,6 +425,10 @@ int fdt_open_into(const void *fdt, void *buf, int bufsize)
newsize = FDT_ALIGN(sizeof(struct fdt_header), 8) + mem_rsv_size
+ struct_size + fdt_size_dt_strings(fdt);
+ /* basic sanity check */
+ if (struct_size > bufsize)
+ return -FDT_ERR_BADSTRUCTURE;
+
if (bufsize < newsize)
return -FDT_ERR_NOSPACE;