u-boot/lib/libfdt
Konrad Beckmann 21ebf2adde fdt_region: Ensure that depth never goes below -1
A specially crafted FIT image makes it possible to overflow the stack
with controlled values when using the verified boot feature. Depending
on the memory layout, this could be used to overwrite configuration
variables on the heap and setting them to 0, e.g. disable signature
verification, thus bypassing it.

This change fixes a bug in fdt_find_regions where the fdt structure is
parsed. A lower value than -1 of depth can lead to a buffer underflow
write on the stack.

Signed-off-by: Konrad Beckmann <konrad.beckmann@gmail.com>
Reviewed-by: Simon Glass <sjg@chromium.org>
2018-11-16 16:52:01 -05:00
..
fdt.c lib: libfdt: wrap scripts/dtc/libfdt/* where possible 2017-11-17 07:44:13 -05:00
fdt_addresses.c lib: libfdt: wrap scripts/dtc/libfdt/* where possible 2017-11-17 07:44:13 -05:00
fdt_empty_tree.c lib: libfdt: wrap scripts/dtc/libfdt/* where possible 2017-11-17 07:44:13 -05:00
fdt_overlay.c lib: libfdt: wrap scripts/dtc/libfdt/* where possible 2017-11-17 07:44:13 -05:00
fdt_region.c fdt_region: Ensure that depth never goes below -1 2018-11-16 16:52:01 -05:00
fdt_ro.c scripts/dtc: Update to upstream version v1.4.6-9-gaadd0b65c987 2018-05-31 08:53:11 -04:00
fdt_rw.c libfdt: migrate fdt_rw.c to a wrapper of scripts/dtc/libfdt/fdt_rw.c 2018-01-28 12:27:30 -05:00
fdt_strerror.c lib: libfdt: wrap scripts/dtc/libfdt/* where possible 2017-11-17 07:44:13 -05:00
fdt_sw.c lib: libfdt: wrap scripts/dtc/libfdt/* where possible 2017-11-17 07:44:13 -05:00
fdt_wip.c libfdt: migrate fdt_wip.c to a wrapper of scripts/dtc/libfdt/fdt_wip.c 2017-12-04 09:59:02 -05:00
libfdt_internal.h libfdt: change libfdt_internal.h to a wrapper of scripts/dtc/libfdt/* 2017-11-17 07:44:13 -05:00
Makefile SPDX: Convert all of our single license tags to Linux Kernel style 2018-05-07 09:34:12 -04:00
README lib/libfdt/: General aesthetic/style fixes. 2016-06-19 17:05:55 -06:00
test_libfdt.py dm: Add a more efficient libfdt library 2016-07-14 20:40:24 -06:00

The libfdt functionality was written by David Gibson.  The original
source came from the Git repository:

URL:		git://ozlabs.org/home/dgibson/git/libfdt.git

author		David Gibson <dgibson@sneetch.(none)>
		Fri, 23 Mar 2007 04:16:54 +0000 (15:16 +1100)
committer	David Gibson <dgibson@sneetch.(none)>
		Fri, 23 Mar 2007 04:16:54 +0000 (15:16 +1100)
commit		857f54e79f74429af20c2b5ecc00ee98af6a3b8b
tree		2f648f0f88225a51ded452968d28b4402df8ade0
parent		07a12a08005f3b5cd9337900a6551e450c07b515

To adapt for U-Boot usage, only the applicable files were copied and
imported into the U-Boot Git repository.

Omitted:

  * GPL - U-Boot comes with a copy of the GPL license
  * test subdirectory - not directly useful for U-Boot

After importing, other customizations were performed.  See the
"git log" for details.

Jerry Van Baren