[PATCH] dm: core: Don't allow ofnode_to_fdt() to return NULL

Simon Glass sjg at chromium.org
Fri Feb 13 21:20:16 CET 2026


Hi Romain,

On Tue, 10 Feb 2026 at 09:29, Romain Gantois <romain.gantois at bootlin.com> wrote:
>
> The ofnode_to_fdt() function may return a NULL pointer in multiple cases.
> However, this function's return value is often passed directly to functions such
> as fdt_getprop() which end up dereferencing it, thus causing a NULL pointer
> exception.
>
> Don't allow ofnode_to_fdt() to return NULL, to avoid a NULL pointer
> dereference.
>
> Signed-off-by: Romain Gantois <romain.gantois at bootlin.com>
> ---
>  drivers/core/ofnode.c | 13 +++++++++----
>  1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/core/ofnode.c b/drivers/core/ofnode.c
> index cf1cf8abfbe..af24a2c533c 100644
> --- a/drivers/core/ofnode.c
> +++ b/drivers/core/ofnode.c
> @@ -164,15 +164,20 @@ void *ofnode_lookup_fdt(ofnode node)
>
>  void *ofnode_to_fdt(ofnode node)
>  {
> +       void *fdt;
> +
>  #ifdef OF_CHECKS
>         if (of_live_active())
> -               return NULL;
> +               panic("%s called with live tree in use!\n", __func__);
>  #endif
>         if (CONFIG_IS_ENABLED(OFNODE_MULTI_TREE) && ofnode_valid(node))
> -               return ofnode_lookup_fdt(node);
> +               fdt = ofnode_lookup_fdt(node);
> +       else
> +               fdt = gd->fdt_blob;
> +
> +       assert(fdt);
>
> -       /* Use the control FDT by default */
> -       return (void *)gd->fdt_blob;
> +       return fdt;
>  }
>
>  /**
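
Review bot: assert(fdt) just before the return in ofnode_to_fdt() only enforces the non-NULL guarantee in builds where assert() is compiled in. In any other build, a NULL from ofnode_lookup_fdt() or gd->fdt_blob is still returned to callers such as fdt_getprop(), which is the case the commit message sets out to remove. Consider an unconditional check in its place, for example `if (!fdt) panic("%s: no FDT\n", __func__);`, or state in the function's header comment that the guarantee depends on assertions being enabled. Separately, the new `fdt = gd->fdt_blob;` drops the (void *) cast that the old return carried, and the "Use the control FDT by default" comment is lost; both are worth keeping on the else branch.
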
>
> ---
> base-commit: b99da05e1538b8fa153322da82917af2aa27e1d6
> change-id: 20260210-ofnode-to-fdt-null-95a9f357819e
>
> Best regards,
> --
> Romain Gantois <romain.gantois at bootlin.com>
>

Reviewed-by: Simon Glass <simon.glass at canonical.com>

This seems to me to be a hole in the checking in fdt_check_node_offset_().

Regards,
Simon
