[PATCH] tool: ifwitool: Fix buffer overflow

Tom Rini trini at konsulko.com
Thu Dec 8 21:23:23 CET 2022


On Fri, Nov 18, 2022 at 02:50:24PM +0300, Mikhail Ilin wrote:

> An incorrect 1st parameter is passed to the fix_member()
>  function. Should use a pointer to the beginning of the parent structure
>  (bpdt or subpart_dir, because are boxed), not to their fields. Otherwise,
>  this leads to an overrun of the structure boundary, since in the
>  fix_member() function, an 'offset' is made, relative to the 1st argument,
>  which itself is an 'offset' from the beginning of the structure.
> 
> Signed-off-by: Mikhail Ilin <ilin.mikhail.ol at gmail.com>
> Reviewed-by: Simon Glass <sjg at chromium.org>

Applied to u-boot/next, thanks!

-- 
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 659 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20221208/b8a6bbcc/attachment.sig>


More information about the U-Boot mailing list