libfdt: Safer access to strings section

fdt_string() is used to retrieve strings from a DT blob's strings section.
It's rarely used directly, but is widely used internally.

However, it doesn't do any bounds checking, which means in the case of a
corrupted blob it could access bad memory, which libfdt is supposed to
avoid.

This writes a safe alternative to fdt_string, fdt_get_string().  It checks
both that the given offset is within the string section and that the string
it points to is properly \0 terminated within the section.  It also returns
the string's length as a convenience (since it needs to determine that to do
the checks anyway).

fdt_string() is rewritten in terms of fdt_get_string() for compatibility.

Most of the diff here is actually testing infrastructure.

Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
Tested-by: Alexey Kardashevskiy <aik@ozlabs.ru>
Reviewed-by: Alexey Kardashevskiy <aik@ozlabs.ru>
David Gibson 2017-11-14 22:45:56 +11:00
parent eb890c0f77
commit 70166d62a2
10 changed files with 193 additions and 9 deletions
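
The two checks the commit message describes (offset inside the strings section, terminator found before the section ends), as an added C sketch that is not libfdt's code from this commit. The function names, error codes and sample section are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical error codes for this sketch (not libfdt's FDT_ERR_* values). */
#define STR_ERR_BADOFFSET (-1)
#define STR_ERR_TRUNCATED (-2)

/*
 * Look up the string at `stroffset` in a strings section of `size` bytes.
 * Returns the string and stores its length in *lenp, or returns NULL and
 * stores a negative error code in *lenp. Never reads outside the section.
 */
const char *bounded_get_string(const char *strings, size_t size,
                               int stroffset, int *lenp)
{
    int err;
    const char *s, *end;

    if (stroffset < 0 || (size_t)stroffset >= size) {
        err = STR_ERR_BADOFFSET;
        goto fail;
    }
    s = strings + stroffset;
    /* memchr() scans at most the bytes remaining in the section. */
    end = memchr(s, '\0', size - (size_t)stroffset);
    if (!end) {
        err = STR_ERR_TRUNCATED;
        goto fail;
    }
    if (lenp)
        *lenp = (int)(end - s);
    return s;
fail:
    if (lenp)
        *lenp = err;
    return NULL;
}

/* Wrapper that drops the length; NULL on any error (this sketch's choice). */
const char *bounded_string(const char *strings, size_t size, int stroffset)
{
    return bounded_get_string(strings, size, stroffset, NULL);
}

/* Constructed sample: "compatible\0model\0" then an unterminated "reg". */
static const char sample_strings[] = {
    'c','o','m','p','a','t','i','b','l','e','\0',
    'm','o','d','e','l','\0','r','e','g'
};
```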

@ -29,7 +29,7 @@ LIB_TESTS_L = get_mem_rsv \
check_path check_header
LIB_TESTS = $(LIB_TESTS_L:%=$(TESTS_PREFIX)%)
LIBTREE_TESTS_L = truncated_property
LIBTREE_TESTS_L = truncated_property truncated_string
LIBTREE_TESTS = $(LIBTREE_TESTS_L:%=$(TESTS_PREFIX)%)
DL_LIB_TESTS_L = asm_tree_dump value-labels
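
Review bot: The LIBTREE_TESTS_L line gains only truncated_string, which by its name exercises the missing-terminator case, while the commit message says fdt_get_string() also rejects an offset that lies outside the strings section; nothing in this hunk adds a test for that second path. Consider adding a case (or extending truncated_string) that passes an out-of-range offset and checks the returned error, and a check that fdt_string() still behaves as callers expect on a bad blob now that it is rewritten on top of fdt_get_string(). Also confirm the new binary is picked up wherever the existing truncated_property entry is run, since those lines are not visible here.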