From: Jon Nalley <li...@bluebot.org> It has been observed that fit_check_format() will fail when passed a corrupt FIT image. This was tracked down to _fdt_string_eq(): return (strlen(p) == len) && (memcmp(p, s, len) == 0);
In the case of a corrupt FIT image one can't depend on 'p' being NULL terminated. I changed it to use strnlen() to fix the issue. Signed-off-by: Tom Rini <tr...@ti.com> --- Changes in v2: - Pass len + 1, not len to strnlen as that's the best practice for strnlen. --- lib/libfdt/fdt_ro.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/lib/libfdt/fdt_ro.c b/lib/libfdt/fdt_ro.c index f2154e8..36af043 100644 --- a/lib/libfdt/fdt_ro.c +++ b/lib/libfdt/fdt_ro.c @@ -44,7 +44,7 @@ static int _fdt_string_eq(const void *fdt, int stroffset, { const char *p = fdt_string(fdt, stroffset); - return (strlen(p) == len) && (memcmp(p, s, len) == 0); + return (strnlen(p, len + 1) == len) && (memcmp(p, s, len) == 0); } int fdt_get_mem_rsv(const void *fdt, int n, uint64_t *address, uint64_t *size) -- 1.7.9.5 _______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot