On 2/10/26 17:29, Romain Gantois wrote:
> The ofnode_to_fdt() function may return a NULL pointer in multiple cases.
> Or, this function's return value is often passed directly to functions such
> as fdt_getprop() which end up dereferencing it, thus causing a NULL pointer
> exception.
>
> Don't allow ofnode_to_fdt() to return NULL, to avoid a NULL pointer
> dereference.
>
> Signed-off-by: Romain Gantois <[email protected]>
> ---

Hi Romain,

Reviewed-by: Raphaël Gallais-Pou <[email protected]>

Best regards,
Raphaël

> drivers/core/ofnode.c | 13 +++++++++----
> 1 file changed, 9 insertions(+), 4 deletions(-)
>
> diff --git a/drivers/core/ofnode.c b/drivers/core/ofnode.c
> index cf1cf8abfbe..af24a2c533c 100644
> --- a/drivers/core/ofnode.c
> +++ b/drivers/core/ofnode.c
> @@ -164,15 +164,20 @@ void *ofnode_lookup_fdt(ofnode node)
>
> void *ofnode_to_fdt(ofnode node)
> {
> + void *fdt;
> +
> #ifdef OF_CHECKS
> if (of_live_active())
> - return NULL;
> + panic("%s called with live tree in use!\n", __func__);
> #endif
> if (CONFIG_IS_ENABLED(OFNODE_MULTI_TREE) && ofnode_valid(node))
> - return ofnode_lookup_fdt(node);
> + fdt = ofnode_lookup_fdt(node);
> + else
> + fdt = gd->fdt_blob;
> +
> + assert(fdt);
>
> - /* Use the control FDT by default */
> - return (void *)gd->fdt_blob;
> + return fdt;
> }
>
> /**
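
Review bot: `assert(fdt)` just before `return fdt;` is the only guard against a failed `ofnode_lookup_fdt(node)` or an unset `gd->fdt_blob`, so in any build where assert() compiles to nothing the function still returns NULL to callers such as fdt_getprop(), which is what the commit message says is no longer allowed. Consider an unconditional check there (the OF_CHECKS branch already uses panic()), or state in a comment that the guarantee only holds when asserts are enabled. Separately, the else branch drops the original `(void *)` cast on `gd->fdt_blob`; if that field is const-qualified, assigning it to `void *fdt` discards the qualifier, so the cast should stay. The removed comment `/* Use the control FDT by default */` still describes the else branch and is worth keeping.
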
>
> ---
> base-commit: b99da05e1538b8fa153322da82917af2aa27e1d6
> change-id: 20260210-ofnode-to-fdt-null-95a9f357819e
>
> Best regards,