Needs a check in the device tree

[jianqiang wang]

Dear Das U-Boot developers,

I found that the u-boot device tree implementation lacks a check for the
off_dt_struct field in the device tree.

In file scripts\dtc\libfdt\libfdt_internal.h, fdt_offset_ptr_ returns the
dt struct address. It calculates the address by adding the header address,
fdt offset, and a specified offset. However, the fdt offset is read from
the device tree and lacks a proper check. The returned pointer can even
point to any address, leading to arbitrary read or write.

Could you please confirm it is a vulnerability?

best regards
Jianqiang