Gitiles
Code Review Sign In
git01.mediatek.com / filogic / atf / 03003b01e7b3314941a938131c9e587801f027c8
commit03003b01e7b3314941a938131c9e587801f027c8[log] [tgz]
authorDavid Horstmann <david.horstmann@arm.com>Mon Jul 26 16:31:42 2021 +0100
committerDavid Horstmann <david.horstmann@arm.com>Mon Jul 26 16:42:25 2021 +0100
tree8f0d28da8f47a6d58363ac5efb2888da40f1b9b6
parentdd8af683a5f323e730aba6e08331430680926b9e [diff]
fix(fdt): fix OOB write in uuid parsing function

The function read_uuid() zeroes the UUID destination buffer
on error. However, it mistakenly uses the dest pointer
that has been incremented many times during the parsing,
leading to an out-of-bounds write.

To fix this, retain a pointer to the start of the buffer,
and use this when clearing it instead.

Signed-off-by: David Horstmann <david.horstmann@arm.com>
Change-Id: Iee8857be5d3f383ca2eab86cde99a43bf606f306
1 file changed
tree: 8f0d28da8f47a6d58363ac5efb2888da40f1b9b6
  1. .husky/
  2. bl1/
  3. bl2/
  4. bl2u/
  5. bl31/
  6. bl32/
  7. common/
  8. docs/
  9. drivers/
  10. fdts/
  11. include/
  12. lib/
  13. licenses/
  14. make_helpers/
  15. plat/
  16. services/
  17. tools/
  18. .checkpatch.conf
  19. .cz.json
  20. .editorconfig
  21. .gitignore
  22. .gitreview
  23. commitlint.config.js
  24. dco.txt
  25. license.rst
  26. Makefile
  27. package-lock.json
  28. package.json
  29. readme.rst