[PATCH] tool: ifwitool: Fix buffer overflow
Tom Rini
trini at konsulko.com
Thu Dec 8 21:23:23 CET 2022
On Fri, Nov 18, 2022 at 02:50:24PM +0300, Mikhail Ilin wrote:
> An incorrect 1st parameter is passed to the fix_member()
> function. Should use a pointer to the beginning of the parent structure
> (bpdt or subpart_dir, because are boxed), not to their fields. Otherwise,
> this leads to an overrun of the structure boundary, since in the
> fix_member() function, an 'offset' is made, relative to the 1st argument,
> which itself is an 'offset' from the beginning of the structure.
>
> Signed-off-by: Mikhail Ilin <ilin.mikhail.ol at gmail.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>
Applied to u-boot/next, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20221208/b8a6bbcc/attachment.sig>
More information about the U-Boot
mailing list