Searched hist:a0ffc59b2be0794970911c9eea4041e25e80cfc6 (Results 1 – 1 of 1) sorted by relevance
| /optee_os/core/lib/libfdt/ |
| H A D | fdt.c | a0ffc59b2be0794970911c9eea4041e25e80cfc6 Thu Nov 23 06:52:57 UTC 2017 Jens Wiklander <jens.wiklander@linaro.org> libfdt: fix undefined behaviour in fdt_offset_ptr()
Upstream commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour in
fdt_offset_ptr()").
Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C. Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.
To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.
Acked-by: Jerome Forissier <jerome.forissier@linaro.org>
Fixes: https://github.com/OP-TEE/optee_os/issues/1967
Signed-off-by: Jens Wiklander <jens.wiklander@linaro.org>
|