[U-Boot] (patch) segfault when calling fit_check_format() on corrupt FIT images

Jon Nalley lists at bluebot.org
Wed Mar 10 16:07:56 CET 2010


On Mon, Mar 8, 2010 at 3:14 PM, Wolfgang Denk <wd at denx.de> wrote:
> Corruption should be detected by the checksum tests we're doing.

It is possible to have a FIT image that is corrupted such that when
fit_check_format() is called it segfaults (due to strlen() being
called on data that is not null terminated).  It is then not possible
to read the checksums from the FIT image for comparison.

Is there another checksum I should be looking at?

My target platform is powerpc 405 and uses uclibc 0.9.30.2.  Again, I
am trying to determine the status of a FIT image from Linux, not from
u-boot.  I noticed that the issue does not occur on x86 Linux with
glibc, perhaps there is a difference in the strlen()
implementation.

Since the strlen() bug is in libfdt, it is probably better for me to
communicate this issue to the libfdt developers.

Regards,

Jon Nalley
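
The failure described in the message above, strlen() reading past unterminated data in a corrupt image, is avoided by bounding the search for the terminator to the bytes the image actually contains. This is an added example, not part of the original post and not U-Boot or libfdt code; `bounded_str_len`, `value_is_safe_string` and the sample byte arrays are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/*
 * Hypothetical helper (not a libfdt or U-Boot function): return the length
 * of the string starting at blob[off], or -1 if the offset lies outside the
 * blob or no NUL terminator appears within [off, off + max).
 * Unlike strlen(), it never reads past the bytes the caller owns.
 */
long bounded_str_len(const uint8_t *blob, size_t blob_size,
                     size_t off, size_t max)
{
    const uint8_t *nul;

    if (blob == NULL || off >= blob_size)
        return -1;                  /* offset points outside the image */
    if (max > blob_size - off)
        max = blob_size - off;      /* clamp a corrupt length field */
    nul = memchr(blob + off, '\0', max);
    if (nul == NULL)
        return -1;                  /* unterminated: treat as corrupt */
    return (long)(nul - (blob + off));
}

/* Constructed sample data: a well-formed value and a truncated one. */
static const uint8_t good_value[] = { 'k', 'e', 'r', 'n', 'e', 'l', '\0' };
static const uint8_t bad_value[]  = { 'k', 'e', 'r', 'n', 'e', 'l' };

/* A value is usable as a C string only if the terminator is inside it. */
int value_is_safe_string(const uint8_t *v, size_t len)
{
    return bounded_str_len(v, len, 0, len) >= 0;
}

int main(void)
{
    printf("good value: %s\n",
           value_is_safe_string(good_value, sizeof good_value)
               ? "terminated" : "corrupt");
    printf("bad value:  %s\n",
           value_is_safe_string(bad_value, sizeof bad_value)
               ? "terminated" : "corrupt");
    return 0;
}
```

A format check built this way can report the image as corrupt and return, instead of faulting before any checksum is read.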

