[PATCH 1/1] cmd: fdt: check fdt address
Simon Glass
sjg at chromium.org
Sun Dec 31 15:22:14 CET 2023
Hi Heinrich,
On Wed, Dec 20, 2023 at 5:00 PM Heinrich Schuchardt
<heinrich.schuchardt at canonical.com> wrote:
>
> Trying to read a device-tree from an illegal address leads to a crash.
>
> Check that the parameter passed to 'fdt addr' is within the RAM area and
> non-zero.
What is the motivation for this patch? Is something crashing? We don't
do this with the 'md' command, for example.
Regards,
Simon
>
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
> ---
> cmd/fdt.c | 5 +++++
> 1 file changed, 5 insertions(+)
>
> diff --git a/cmd/fdt.c b/cmd/fdt.c
> index 331564c13b..dc954ea7d5 100644
> --- a/cmd/fdt.c
> +++ b/cmd/fdt.c
> @@ -193,6 +193,11 @@ static int do_fdt(struct cmd_tbl *cmdtp, int flag, int argc, char *const argv[])
> }
>
> addr = hextoul(argv[0], NULL);
> + if (!addr || addr < gd->ram_base || addr >= gd->ram_top) {
> + printf("Invalid address\n");
> + return CMD_RET_FAILURE;
> + }
> +
> blob = map_sysmem(addr, 0);
> if ((quiet && fdt_check_header(blob)) ||
> (!quiet && !fdt_valid(&blob)))
> --
> 2.40.1
>
More information about the U-Boot
mailing list