[PATCH 8/8] RFC: Check offset in fdt_string()

devicetree.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

From: Simon Glass <sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
To: Jon Loeliger <jdl-CYoMK+44s/E@public.gmane.org>
Cc: Devicetree Discuss
	<devicetree-discuss-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org>
Subject: [PATCH 8/8] RFC: Check offset in fdt_string()
Date: Mon, 21 Jan 2013 12:59:22 -0800	[thread overview]
Message-ID: <1358801962-21707-9-git-send-email-sjg@chromium.org> (raw)
In-Reply-To: <1358801962-21707-1-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>

(We probably don't want this patch, and certainly can't apply it as is,
but I send it in order to find out the intent of fdt_string()).

At present fdt_string() says that returns:

   - a pointer to the string, on success
   - NULL, if stroffset is out of bounds

However it does not in fact return NULL. Changing it to do so also
breaks 15 tests (segfault).

What is the intended behaviour of this function, please?
Signed-off-by: Simon Glass <sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
---
 libfdt/fdt_ro.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/libfdt/fdt_ro.c b/libfdt/fdt_ro.c
index 50007f6..cba8772 100644
--- a/libfdt/fdt_ro.c
+++ b/libfdt/fdt_ro.c
@@ -77,6 +77,8 @@ static int _fdt_nodename_eq(const void *fdt, int offset,
 
 const char *fdt_string(const void *fdt, int stroffset)
 {
+	if (stroffset < 0 || stroffset >= fdt_size_dt_strings(fdt))
+		return NULL;
 	return (const char *)fdt + fdt_off_dt_strings(fdt) + stroffset;
 }
 
-- 
1.7.7.3

     prev parent reply	other threads:[~2013-01-21 20:59 UTC|newest]

Thread overview: 21+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-01-21 20:59 [PATCH 0/8] Introduce fdtgrep for subsetting and hashing FDTs Simon Glass
     [not found] ` <1358801962-21707-1-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-01-21 20:59   ` [PATCH 1/8] Adjust util_is_printable_string() comment and fix test Simon Glass
     [not found]     ` <1358801962-21707-2-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-01-22  5:33       ` David Gibson
     [not found]         ` <20130122053340.GJ23500-W9XWwYn+TF0XU02nzanrWNbf9cGiqdzd@public.gmane.org>
2013-01-27 19:14           ` Simon Glass
2013-01-21 20:59   ` [PATCH 2/8] Move property-printing into util Simon Glass
     [not found]     ` <1358801962-21707-3-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-01-22  5:35       ` David Gibson
2013-01-27 20:30       ` Jon Loeliger
2013-01-21 20:59   ` [PATCH 3/8] .gitignore: Add rule for *.patch Simon Glass
     [not found]     ` <1358801962-21707-4-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-01-22  5:35       ` David Gibson
2013-01-27 20:30       ` Jon Loeliger
2013-01-21 20:59   ` [PATCH 4/8] Export fdt_stringlist_contains() Simon Glass
     [not found]     ` <1358801962-21707-5-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-01-23  5:07       ` David Gibson
2013-01-27 20:31       ` Jon Loeliger
2013-01-21 20:59   ` [PATCH 5/8] libfdt: Add function to find regions in an FDT Simon Glass
     [not found]     ` <1358801962-21707-6-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-02-11  2:47       ` David Gibson
     [not found]         ` <20130211024736.GG4948-W9XWwYn+TF0XU02nzanrWNbf9cGiqdzd@public.gmane.org>
2013-02-15 22:47           ` Simon Glass
2013-01-21 20:59   ` [PATCH 6/8] Add fdtgrep to grep and subset FDTs Simon Glass
2013-01-21 20:59   ` [PATCH 7/8] Remove fdtdump and use fdtgrep instead Simon Glass
     [not found]     ` <1358801962-21707-8-git-send-email-sjg-F7+t8E8rja9g9hUCZPvPmw@public.gmane.org>
2013-02-06  7:16       ` David Gibson
     [not found]         ` <20130206071606.GR821-W9XWwYn+TF0XU02nzanrWNbf9cGiqdzd@public.gmane.org>
2013-02-06 16:40           ` Simon Glass
2013-01-21 20:59   ` Simon Glass [this message]

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:50007f6 dfblob:cba8772 )
 OR (
bs:"[PATCH 8/8] RFC: Check offset in fdt_string()" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1358801962-21707-9-git-send-email-sjg@chromium.org \
    --to=sjg-f7+t8e8rja9g9huczpvpmw@public.gmane.org \
    --cc=devicetree-discuss-uLR06cmDAlY/bJ5BZ2RsiQ@public.gmane.org \
    --cc=jdl-CYoMK+44s/E@public.gmane.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).