Message ID | 1393432341-1654-1-git-send-email-trini@ti.com |
---|---|
State | Accepted |
Delegated to: | Tom Rini |
Headers | show |
On Wed, Feb 26, 2014 at 11:32:21AM -0500, Tom Rini wrote: > From: Jon Nalley <lists@bluebot.org> > > It has been observed that fit_check_format() will fail when passed a > corrupt FIT image. This was tracked down to _fdt_string_eq(): > return (strlen(p) == len) && (memcmp(p, s, len) == 0); > > In the case of a corrupt FIT image one can't depend on 'p' being NULL > terminated. I changed it to use strnlen() to fix the issue. > > Signed-off-by: Tom Rini <trini@ti.com> Applied to u-boot/master, thanks!
diff --git a/lib/libfdt/fdt_ro.c b/lib/libfdt/fdt_ro.c index f2154e8..36af043 100644 --- a/lib/libfdt/fdt_ro.c +++ b/lib/libfdt/fdt_ro.c @@ -44,7 +44,7 @@ static int _fdt_string_eq(const void *fdt, int stroffset, { const char *p = fdt_string(fdt, stroffset); - return (strlen(p) == len) && (memcmp(p, s, len) == 0); + return (strnlen(p, len + 1) == len) && (memcmp(p, s, len) == 0); } int fdt_get_mem_rsv(const void *fdt, int n, uint64_t *address, uint64_t *size)