Bug 4046 - [ANCK 4.19] Possible array out-of-bounds access in the unflatten_dt_nodes function
Summary: [ANCK 4.19] Possible array out-of-bounds access in the unflatten_dt_nodes function
Status: RESOLVED FIXED
Alias: None
Product: ANCK 4.19 Dev
Classification: ANCK
Component: drivers
Version: 4.19-026.x
Hardware: All Linux
Importance: P3-Medium S3-normal
Target Milestone: ---
Assignee: GuixinLiu
QA Contact: shuming
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2023-02-13 09:37 UTC by songkai
Modified: 2023-02-28 19:37 UTC (History)
Description songkai inspur_group 2023-02-13 09:37:45 UTC
Description of problem:

The unflatten_dt_nodes function in drivers/of/fdt.c has a potential array out-of-bounds problem, as follows:

The function contains the following definitions:

        #define FDT_MAX_DEPTH   64
        struct device_node *nps[FDT_MAX_DEPTH];

The for loop contains the following statements:

        if (WARN_ON_ONCE(depth >= FDT_MAX_DEPTH))
                continue;
        ............
        if (!populate_node(blob, offset, &mem, nps[depth],
                           &nps[depth+1], dryrun))

If depth is 63, taking &nps[depth+1] produces an out-of-bounds array access.

upstream 2566706ac6393386a4e7c4ce23fe17f4c98d9aa0 has already fixed this problem
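
Added example (not code from this report or from the kernel tree): a user-space model of the indexing described above, showing that a guard of `depth >= FDT_MAX_DEPTH` still lets depth 63 write the slot one past `nps[]`. `struct frame`, `populate_node_model`, `walk_overruns` and the stricter limit `FDT_MAX_DEPTH - 1` are assumptions of this example; the extra slot in the model stands in for whatever follows the array in memory.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

#define FDT_MAX_DEPTH 64
#define MODEL_NODES   (FDT_MAX_DEPTH + 8)   /* constructed upper bound for the model */
#define PAST_END_SLOT FDT_MAX_DEPTH         /* index one past the real nps[] */

struct device_node { int depth; };          /* minimal stand-in, not the kernel struct */

/* The first FDT_MAX_DEPTH slots model nps[]; the extra slot models adjacent
 * memory, so the "overrun" is observable without undefined behaviour. */
struct frame { struct device_node *nps[FDT_MAX_DEPTH + 1]; };

/* Stand-in for populate_node(): stores the new node through the pointer the
 * caller passes as &nps[depth + 1]. */
static void populate_node_model(struct device_node *node, int depth,
                                struct device_node **pnp)
{
    node->depth = depth;
    *pnp = node;
}

/* Walk a chain nested tree_depth levels deep. guard_limit is the first depth
 * the guard rejects. Returns true if the slot past nps[] was written. */
static bool walk_overruns(int tree_depth, int guard_limit)
{
    static struct device_node nodes[MODEL_NODES];
    struct frame f = { { NULL } };

    for (int depth = 0; depth < tree_depth && depth < MODEL_NODES; depth++) {
        if (depth >= guard_limit)           /* models WARN_ON_ONCE(...) continue */
            continue;
        populate_node_model(&nodes[depth], depth, &f.nps[depth + 1]);
    }
    return f.nps[PAST_END_SLOT] != NULL;
}

int main(void)
{
    /* 64 nested levels means depth reaches 63, the case named in the report. */
    printf("guard at 64, 64 levels: overrun=%d\n", walk_overruns(64, FDT_MAX_DEPTH));
    printf("guard at 63, 64 levels: overrun=%d\n", walk_overruns(64, FDT_MAX_DEPTH - 1));
    printf("guard at 64, 63 levels: overrun=%d\n", walk_overruns(63, FDT_MAX_DEPTH));
    return 0;
}
```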
Comment 1 maqiao alibaba_cloud_group 2023-02-28 19:37:23 UTC
merged: https://gitee.com/anolis/cloud-kernel/pulls/1178