[PATCH] fdt: off by one in ofnode_lookup_fdt()

Wed Jul 26 08:59:52 CEST 2023

The "oftree_count" is the number of entries which have been set in
the oftree_list[] array.  If all the entries have been initialized then
this off by one would result in reading one element beyond the end
of the array.

Signed-off-by: Dan Carpenter <dan.carpenter at linaro.org>
---
 drivers/core/ofnode.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/core/ofnode.c b/drivers/core/ofnode.c
index 8df16e56af5c..a4dc9bde085c 100644
--- a/drivers/core/ofnode.c
+++ b/drivers/core/ofnode.c
@@ -103,7 +103,7 @@ void *ofnode_lookup_fdt(ofnode node)
 	if (gd->flags & GD_FLG_RELOC) {
 		uint i = OFTREE_TREE_ID(node.of_offset);
 
-		if (i > oftree_count) {
+		if (i >= oftree_count) {
 			log_debug("Invalid tree ID %x\n", i);
 			return NULL;
 		}
-- 
2.39.2

