[PATCH 1/1] boot: pxe_utils: avoid illegal memory access
Kory Maincent
kory.maincent at bootlin.com
Mon Nov 17 10:10:55 CET 2025
On Sun, 16 Nov 2025 12:24:54 +0100
Heinrich Schuchardt <heinrich.schuchardt at canonical.com> wrote:
> We must not use an uninitialized pointer as target for snprintf() if
> label->fdtdir == NULL.
>
> Avoid a buffer overrun due to allocating len bytes but calling snprintf()
> with a larger value dir_len.
>
> Fixes: 935109cd9e97 ("boot: pxe_utils: Add extension board devicetree overlay
> support")
> Addresses-Coverity-ID: 638558 Memory - illegal accesses (UNINIT)
> Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt at canonical.com>
Hello Heinrich, I have already sent a fix for this. Sorry I forgot to add you
in Cc.
https://patchwork.ozlabs.org/project/uboot/patch/20251113093313.362055-1-kory.maincent@bootlin.com/
> ---
> Hello Kory,
>
> Please, provide a test case for your patch
> 935109cd9e97 ("boot: pxe_utils: Add extension board devicetree overlay
> support")
>
> It is unclear to me why you use
>
> overlay_dir = './' if label->fdtdir == "" and
> overlay_dir = "/" if label->fdtdir == NULL.
>
> When opening a file in U-Boot "./foo" and "/foo" anyway point to the same
> file foo in the root directory.
>
> Shouldn't we use the same value "/" in both cases?
Yes, I know. In case of label->fdtdir defined I used the same logic as the one
used to locate the devicetree:
https://elixir.bootlin.com/u-boot/v2025.10/source/boot/pxe_utils.c#L638
But indeed there is no consistency between label->fdtdir == "" and
label->fdtdir == NULL. If we want to use the same logic and follow devicetree
search logic we should use "./" in both cases.
But this change should be made in another patch than this one.
Regards,
--
Köry Maincent, Bootlin
Embedded Linux and kernel engineering
https://bootlin.com
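
Added example, not part of the thread and not U-Boot's code: a sketch of the two defects named in the quoted commit message (an snprintf() target left uninitialized when the directory is NULL, and a buffer allocated with one length but written with a larger one), avoided by deriving a single size for both calls. The function name overlay_dir_dup(), the caller-supplied fallback parameter and the trailing-slash normalization are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * Hypothetical helper (not U-Boot code): return a heap copy of dir that
 * always ends in '/'. A NULL or empty dir selects the caller's fallback,
 * so the snprintf() target is assigned on every path before it is used.
 */
char *overlay_dir_dup(const char *dir, const char *fallback)
{
	const char *src = (dir && *dir) ? dir : fallback;
	const char *slash;
	size_t len, size;
	char *out;
	int n;

	if (!src || !*src)
		return NULL;		/* nothing usable: fail, do not guess */

	len = strlen(src);
	slash = (src[len - 1] == '/') ? "" : "/";
	size = len + strlen(slash) + 1;	/* one size for malloc() and snprintf() */

	out = malloc(size);
	if (!out)
		return NULL;

	n = snprintf(out, size, "%s%s", src, slash);
	if (n < 0 || (size_t)n >= size) {	/* error or truncation */
		free(out);
		return NULL;
	}
	return out;
}

int main(void)
{
	/* Constructed inputs covering the cases discussed in the thread */
	const char *cases[] = { NULL, "", "dtbs", "dtbs/" };

	for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
		char *d = overlay_dir_dup(cases[i], "/");

		printf("%s -> %s\n", cases[i] ? cases[i] : "(null)",
		       d ? d : "(fail)");
		free(d);
	}
	return 0;
}
```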