Hi Simon, > Is this a person? If so, can you use his/her name? As it stands it > seems like an orgnisation rather than a person.
We changed it to personal email in all the patches. Thank you, Anton On Wed, May 27, 2026 at 5:46 AM Simon Glass <[email protected]> wrote: > Hi Anton, > > On Tue, 26 May 2026 at 14:41, Anton Ivanov <[email protected]> wrote: > > > > From: Binarly Vulnerability Research <[email protected]> > > Is this a person? If so, can you use his/her name? As it stands it > seems like an orgnisation rather than a person. > > > > > fdt_get_name() can return NULL and set len to a negative error code. > > fdt_find_regions() does not check for this, leading to a potential NULL > > pointer dereference and a buffer out-of-bounds write. fdt_next_region(), > > fdt_check_full(), and display_fdt_by_regions() also lack validation. > > > > Add NULL checks and propagate the error code from fdt_get_name() > > to the caller. > > > > Signed-off-by: Binarly Vulnerability Research <[email protected]> > > --- > > Changes in v2: > > - Rewrite commit message to be concise per maintainer feedback > > - Don't mask fdt_get_name() returned error > > > > boot/fdt_region.c | 5 +++++ > > scripts/dtc/libfdt/fdt_ro.c | 3 +++ > > tools/fdtgrep.c | 3 +++ > > 3 files changed, 11 insertions(+) > > > > Regards, > Simon >
