Searched hist:d0d642450f1f3a0f43e0e156ef57a0c460dd48cf (Results 1 – 1 of 1) sorted by relevance
| /rk3399_ARM-atf/common/ |
| H A D | uuid.c | d0d642450f1f3a0f43e0e156ef57a0c460dd48cf Mon Jul 26 15:31:42 UTC 2021 David Horstmann <david.horstmann@arm.com> fix(fdt): fix OOB write in uuid parsing function
The function read_uuid() zeroes the UUID destination buffer
on error. However, it mistakenly uses the dest pointer
that has been incremented many times during the parsing,
leading to an out-of-bounds write.
To fix this, retain a pointer to the start of the buffer,
and use this when clearing it instead.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Change-Id: Iee8857be5d3f383ca2eab86cde99a43bf606f306
|