[PATCH 0/2] spl: fix error handling in spl_fit_get_image_name()
E Shattow
e at freeshell.de
Wed Jun 25 04:00:09 CEST 2025
Hi Heinrich,
On 6/24/25 08:34, Heinrich Schuchardt wrote:
> spl_fit_get_image_name() used to lack a detection of malformed image name
> properties in FIT images. The change in commit 3704b888a4ca ("common/spl:
> fix potential out of buffer access in spl_fit_get_image_name function")
> tried to fix this but led to function spl_fit_get_image_name() no longer
> detecting if a property at index > 1 does not exist.
>
> This patch is reverted.
>
> An explicit check for malformed image name properties is introduced.
>
> Cf.
> [BUG] [PATCH v5 1/3] common/spl: fix potential out of buffer access in
> spl_fit_get_image_name function
> https://lore.kernel.org/u-boot/38f5d078-3328-4bdb-9c95-4fb5fe89ddc2@gmx.de/T/#u
>
> Heinrich Schuchardt (2):
> common/spl: Revert fix potential out of buffer access in
> spl_fit_get_image_name function
> common/spl: guard against buffer overflow in spl_fit_get_image_name()
>
> common/spl/spl_fit.c | 13 +++++++++----
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
Before:
U-Boot SPL 2025.07-rc4-00030-g0daf2d0cabef (Jun 22 2025 - 23:27:44 -0700)
DDR version: dc2e84f0.
Trying to boot from SPI
cannot find image node '': -1
OpenSBI v1.6
After:
U-Boot SPL 2025.07-rc4-00032-g562b7d099d46 (Jun 24 2025 - 18:53:15 -0700)
DDR version: dc2e84f0.
Trying to boot from SPI
OpenSBI v1.6
For the series,
Tested-By: E Shattow <e at freeshell.de>
More information about the U-Boot
mailing list