[PATCH 0/2] spl: fix error handling in spl_fit_get_image_name()
Heinrich Schuchardt
heinrich.schuchardt at canonical.com
Tue Jun 24 16:51:13 CEST 2025
spl_fit_get_image_name() used to lack detection of malformed image name
properties in FIT images. The change in commit 3704b888a4ca ("common/spl:
fix potential out of buffer access in spl_fit_get_image_name function")
tried to fix this but led to function spl_fit_get_image_name() no longer
detecting if a property at index > 1 does not exist.
This patch is reverted.
An explicit check for malformed image name properties is introduced.
Cf.
[BUG] [PATCH v5 1/3] common/spl: fix potential out of buffer access in
spl_fit_get_image_name function
https://lore.kernel.org/u-boot/38f5d078-3328-4bdb-9c95-4fb5fe89ddc2@gmx.de/T/#u
Heinrich Schuchardt (2):
  common/spl: Revert fix potential out of buffer access in
    spl_fit_get_image_name function
  common/spl: guard against buffer overflow in spl_fit_get_image_name()

 common/spl/spl_fit.c | 13 +++++++++----
 1 file changed, 9 insertions(+), 4 deletions(-)

--
2.48.1
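
The two failure modes this cover letter separates (a string-list property whose last string is not NUL-terminated, and a requested index that does not exist) shown as an added stand-alone C example. It is not the code of either patch or of U-Boot; `strlist_get()`, its error codes and the sample buffers are assumptions made for illustration.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample properties (not taken from a real FIT image). */
static const char good_prop[] = "kernel\0fdt";  /* 11 bytes, ends in NUL */
static const char bad_prop[] = { 'k', 'e', 'r', 'n', 'e', 'l', '\0',
				 'f', 'd', 't' };   /* 10 bytes, no final NUL */

/*
 * Hypothetical helper: fetch string number 'index' from a device-tree style
 * string list, i.e. NUL-terminated strings packed into prop[0..len).
 * Returns 0 and sets *out on success, -EINVAL if the property is malformed,
 * -ENOENT if the list holds fewer than index + 1 strings.
 */
int strlist_get(const char *prop, int len, int index, const char **out)
{
	const char *p = prop;
	const char *end = prop + len;

	if (!prop || len <= 0 || index < 0)
		return -ENOENT;
	/* Malformed: without a final NUL, strlen() below could run past 'end'. */
	if (prop[len - 1] != '\0')
		return -EINVAL;

	for (int i = 0; i < index; i++) {
		p += strlen(p) + 1;     /* bounded by the terminator checked above */
		if (p >= end)
			return -ENOENT; /* requested index does not exist */
	}
	*out = p;
	return 0;
}

int main(void)
{
	const char *name = NULL;

	for (int i = 0; i < 3; i++) {
		int ret = strlist_get(good_prop, sizeof(good_prop), i, &name);

		printf("good[%d]: ret=%d name=%s\n", i, ret, ret ? "-" : name);
	}
	printf("bad[0]: ret=%d\n",
	       strlist_get(bad_prop, sizeof(bad_prop), 0, &name));
	return 0;
}
```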