Handle integer overflow in check_property_phandle_args()

If the corresponding '#xxx-cells' value is much too large, an integer overflow can prevent the checks in check_property_phandle_args() from correctly determining that the checked property is too short for the given cells value. This leads to an infinite loops. This patch fixes the bug, and adds a testcase for it. Further information in https://github.com/dgibson/dtc/issues/64 Reported-by: Anciety <anciety@pku.edu.cn> Signed-off-by: David Gibson <david@gibson.dropbear.id.au>
2025-10-13 16:27:39 -04:00 · 2021-12-29 15:08:28 +11:00 · 2021-12-29 15:08:28 +11:00 · ff5afb96d0
commit ff5afb96d0
parent ca72944343
3 changed files with 30 additions and 6 deletions
--- a/tests/phandle-args-overflow.dts
+++ b/tests/phandle-args-overflow.dts
@ -0,0 +1,18 @@
+/dts-v1/;
+
+/*
+ * https://github.com/dgibson/dtc/issues/64
+ *
+ * Certain dtc versions had a bug where this input caused an infinite
+ * loop in check_property_phandle_args().
+ *
+ */
+
+/ {
+    clocks = <&ref &ref>;
+
+    ref: poc {
+        phandle = <1>;
+        #clock-cells = <0xffffffff>;
+    };
+};
--- a/tests/run_tests.sh
+++ b/tests/run_tests.sh
@ -513,6 +513,9 @@ libfdt_tests () {
    run_dtc_test -I fs -O dtb -o fs.test_tree1.test.dtb $FSBASE/test_tree1
    run_test dtbs_equal_unordered -m fs.test_tree1.test.dtb test_tree1.dtb

+    ## https://github.com/dgibson/dtc/issues/64
+    check_tests "$SRCDIR/phandle-args-overflow.dts" clocks_property
+
    # check full tests
    for good in test_tree1.dtb; do
 	run_test check_full $good