[PATCH v4] image-fit: Limit recursion depth in fdt_check_no_at()
Tom Rini
trini at konsulko.com
Sat Jun 13 20:04:14 CEST 2026
On Tue, Jun 02, 2026 at 07:31:30PM +0100, Anton Ivanov wrote:
> fdt_check_no_at() recurses into every subnode without a depth
> limit. A deeply nested FIT image can exhaust the stack and crash
> U-Boot during signature verification of an untrusted FIT.
>
> Add a depth check using FDT_MAX_DEPTH to bound the recursion.
>
> Signed-off-by: Anton Ivanov <anton at binarly.io>
Applied to u-boot/next, thanks!
--
Tom
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <https://lists.denx.de/pipermail/u-boot/attachments/20260613/be5db82a/attachment.sig>
More information about the U-Boot
mailing list