diff options
| author | Xin Li <delphij@google.com> | 2023-01-13 07:32:39 +0000 |
|---|---|---|
| committer | Android (Google) Code Review <android-gerrit@google.com> | 2023-01-13 07:32:39 +0000 |
| commit | 0a14873b3df2d07fab72ffe31f01f21051a3df67 (patch) | |
| tree | de4f284f37773e18eb7a68a4edadac56b895bb7f | |
| parent | 4d2cf52081fbd897f2e8c65277e0ba076975f0ec (diff) | |
| parent | 0dc1efa4ca1f7a11e9f9e7ac4335300999f980ef (diff) | |
| download | libufdt-0a14873b3df2d07fab72ffe31f01f21051a3df67.tar.gz | |
Merge "Merge tm-qpr-dev-plus-aosp-without-vendor@9467136" into stage-aosp-master
| -rw-r--r-- | tests/src/extract_dtb.c | 55 | ||||
| -rw-r--r-- | tests/src/fdt_overlay_test_app.c | 9 | ||||
| -rw-r--r-- | tests/src/ufdt_overlay_test_app.c | 4 | ||||
| -rw-r--r-- | ufdt_convert.c | 7 | ||||
| -rw-r--r-- | ufdt_node.c | 8 | ||||
| -rw-r--r-- | ufdt_overlay.c | 4 |
6 files changed, 57 insertions, 30 deletions
diff --git a/tests/src/extract_dtb.c b/tests/src/extract_dtb.c index 8d74324..3e14618 100644 --- a/tests/src/extract_dtb.c +++ b/tests/src/extract_dtb.c @@ -22,8 +22,7 @@ #include "util.h" - -int find_dtb_header_pos(const char *buf, size_t buf_size) { +static int find_dtb_header_pos(const char *buf, size_t buf_size) { if (buf == NULL || buf_size == 0) { return -1; } @@ -44,34 +43,44 @@ int find_dtb_header_pos(const char *buf, size_t buf_size) { return pos; } -int find_and_write_dtb(const char *filename, - const char *buf, size_t buf_size) { +static int find_and_write_dtb(const char *filename, const char *buf, + size_t buf_size) { int tag_pos = find_dtb_header_pos(buf, buf_size); if (tag_pos < 0) { - goto end; + return -1; } + buf_size -= tag_pos; + + // Allocate and copy into new buffer to fix memory alignment + char *fdt_ptr = malloc(buf_size); + if (!fdt_ptr) { + fprintf(stderr, "malloc(%u) failed.\n", buf_size - tag_pos); + goto error; + } + + memcpy(fdt_ptr, buf + tag_pos, buf_size); + // Check FDT header - const char *fdt_ptr = buf + tag_pos; - if (fdt_check_header(fdt_ptr) != 0) { - fprintf(stderr, "Bad DTB header.\n"); - goto end; + if (fdt_check_full(fdt_ptr, buf_size) != 0) { + fprintf(stderr, "Bad DTB.\n"); + goto error; } // Check FDT size and actual size size_t fdt_size = fdt_totalsize(fdt_ptr); - size_t fdt_actual_size = buf_size - tag_pos; - int fdt_size_diff = (int)fdt_actual_size - (int)fdt_size; - if (fdt_size_diff) { - fprintf(stderr, "Wrong size: actual size = %d FDT size = %d(%d)\n", - fdt_actual_size, fdt_size, fdt_size_diff); + if (buf_size < fdt_size) { + fprintf(stderr, + "Wrong size: fdt truncated: buffer size = %zu < FDT size = %zu\n", + buf_size, fdt_size); + goto error; } // Print the DT basic information int root_node_off = fdt_path_offset(fdt_ptr, "/"); if (root_node_off < 0) { fprintf(stderr, "Can not get the root node.\n"); - goto end; + goto error; } printf("Output %s\n", filename); const char *model = @@ -84,22 +93,26 @@ int find_and_write_dtb(const char *filename, // Output DTB file if (write_fdt_to_file(filename, fdt_ptr) != 0) { fprintf(stderr, "Write file error: %s\n", filename); - goto end; + goto error; } -end: + free(fdt_ptr); + return tag_pos; + +error: + if (fdt_ptr) free(fdt_ptr); + return -1; } -int extract_dtbs(const char *in_filename, - const char *out_dtb_filename, - const char *out_image_filename) { +static int extract_dtbs(const char *in_filename, const char *out_dtb_filename, + const char *out_image_filename) { int ret = 1; char *buf = NULL; size_t buf_size; buf = load_file(in_filename, &buf_size); - if (!buf) { + if (!buf || fdt_check_full(buf, buf_size)) { fprintf(stderr, "Can not load file: %s\n", in_filename); goto end; } diff --git a/tests/src/fdt_overlay_test_app.c b/tests/src/fdt_overlay_test_app.c index 3b65a7d..04fcdd9 100644 --- a/tests/src/fdt_overlay_test_app.c +++ b/tests/src/fdt_overlay_test_app.c @@ -31,20 +31,25 @@ int apply_overlay_files(const char *out_filename, const char *base_filename, size_t base_len; base_buf = load_file(base_filename, &base_len); - if (!base_buf) { + if (!base_buf || fdt_check_full(base_buf, base_len)) { fprintf(stderr, "Can not load base file: %s\n", base_filename); goto end; } size_t overlay_len; overlay_buf = load_file(overlay_filename, &overlay_len); - if (!overlay_buf) { + if (!overlay_buf || fdt_check_full(overlay_buf, overlay_len)) { fprintf(stderr, "Can not load overlay file: %s\n", overlay_filename); goto end; } size_t merged_buf_len = base_len + overlay_len; merged_buf = dto_malloc(merged_buf_len); + if (!merged_buf) { + fprintf(stderr, "Malloc failed: %zu bytes needed\n", merged_buf_len); + goto end; + } + fdt_open_into(base_buf, merged_buf, merged_buf_len); clock_t start = clock(); diff --git a/tests/src/ufdt_overlay_test_app.c b/tests/src/ufdt_overlay_test_app.c index e73158b..9d47476 100644 --- a/tests/src/ufdt_overlay_test_app.c +++ b/tests/src/ufdt_overlay_test_app.c @@ -32,14 +32,14 @@ int apply_overlay_files(const char *out_filename, const char *base_filename, size_t blob_len; base_buf = load_file(base_filename, &blob_len); - if (!base_buf) { + if (!base_buf || fdt_check_full(base_buf, blob_len)) { fprintf(stderr, "Can not load base file: %s\n", base_filename); goto end; } size_t overlay_len; overlay_buf = load_file(overlay_filename, &overlay_len); - if (!overlay_buf) { + if (!overlay_buf || fdt_check_full(overlay_buf, overlay_len)) { fprintf(stderr, "Can not load overlay file: %s\n", overlay_filename); goto end; } diff --git a/ufdt_convert.c b/ufdt_convert.c index 990b578..3db12a0 100644 --- a/ufdt_convert.c +++ b/ufdt_convert.c @@ -350,10 +350,11 @@ static int _ufdt_output_property_to_fdt( int data_len = 0; void *data = ufdt_node_get_fdt_prop_data(&prop_node->parent, &data_len); - int aligned_data_len = (data_len + (FDT_TAGSIZE - 1)) & ~(FDT_TAGSIZE - 1); + unsigned int aligned_data_len = + ((unsigned int)data_len + (FDT_TAGSIZE - 1u)) & ~(FDT_TAGSIZE - 1u); - int new_propoff = fdt_size_dt_struct(fdtp); - int new_prop_size = sizeof(struct fdt_property) + aligned_data_len; + unsigned int new_propoff = fdt_size_dt_struct(fdtp); + unsigned int new_prop_size = sizeof(struct fdt_property) + aligned_data_len; struct fdt_property *new_prop = (struct fdt_property *)((char *)fdtp + fdt_off_dt_struct(fdtp) + new_propoff); diff --git a/ufdt_node.c b/ufdt_node.c index 89e2a17..3568ad7 100644 --- a/ufdt_node.c +++ b/ufdt_node.c @@ -126,7 +126,13 @@ char *ufdt_node_get_fdt_prop_data(const struct ufdt_node *node, int *out_len) { } const struct fdt_property *prop = (struct fdt_property *)node->fdt_tag_ptr; if (out_len != NULL) { - *out_len = fdt32_to_cpu(prop->len); + uint32_t prop_len = fdt32_to_cpu(prop->len); + + if (prop_len > INT_MAX) { + return NULL; + } + + *out_len = prop_len; } return (char *)prop->data; } diff --git a/ufdt_overlay.c b/ufdt_overlay.c index 43b4f56..16210ae 100644 --- a/ufdt_overlay.c +++ b/ufdt_overlay.c @@ -448,12 +448,14 @@ static int ufdt_local_fixup_prop(struct ufdt_node *target_prop_node, int len = 0; prop_offsets_ptr = ufdt_node_get_fdt_prop_data(local_fixup_prop_node, &len); + if (prop_offsets_ptr == NULL || len % sizeof(fdt32_t) != 0) return -1; + char *prop_data; int target_length = 0; prop_data = ufdt_node_get_fdt_prop_data(target_prop_node, &target_length); - if (prop_offsets_ptr == NULL || prop_data == NULL) return -1; + if (prop_data == NULL) return -1; int i; for (i = 0; i < len; i += sizeof(fdt32_t)) { |