Hi David,

On 3 April 2018 at 23:02, David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Fri, Mar 30, 2018 at 04:42:21PM +0800, Simon Glass wrote:
> > Hi David,
> >
> > On 26 March 2018 at 07:25, David Gibson <david@xxxxxxxxxxxxxxxxxxxxx> wrote:
> > > fdt_string() is used to retrieve strings from a DT blob's strings section.
> > > It's rarely used directly, but is widely used internally.
> > >
> > > However, it doesn't do any bounds checking, which means in the case of a
> > > corrupted blob it could access bad memory, which libfdt is supposed to
> > > avoid.
> > >
> > > This writes a safe alternative to fdt_string, fdt_get_string(). It checks
> > > both that the given offset is within the string section and that the string
> > > it points to is properly \0 terminated within the section. It also returns
> > > the string's length as a convenience (since it needs to determine it to do the
> > > checks anyway).
> > >
> > > fdt_string() is rewritten in terms of fdt_get_string() for compatibility.
> > >
> > > Most of the diff here is actually testing infrastructure.
> > >
> > > Signed-off-by: David Gibson <david@xxxxxxxxxxxxxxxxxxxxx>
> > > ---
> > > libfdt/fdt_ro.c | 61 +++++++++++++++++++++++++++++++++++--
> > > libfdt/libfdt.h | 18 ++++++++++-
> > > libfdt/version.lds | 2 +-
> > > tests/.gitignore | 1 +
> > > tests/Makefile.tests | 2 +-
> > > tests/run_tests.sh | 1 +
> > > tests/testdata.h | 1 +
> > > tests/testutils.c | 11 +++++--
> > > tests/trees.S | 26 ++++++++++++++++
> > > tests/truncated_string.c | 79 ++++++++++++++++++++++++++++++++++++++++++++++++
> > > 10 files changed, 193 insertions(+), 9 deletions(-)
> > > create mode 100644 tests/truncated_string.c
> >
> > Similar code-size question here. It looks like a lot of checking code.
> > Can we have an option to remove it?
>
> Again, I'm disinclined without a concrete example of a problem. Fwiw
> the code size change is +276 bytes on my setup.

That might not sound like a lot, but the overhead of DT in U-Boot is
about 3KB, so this adds nearly 10%.

The specific problem is that when U-Boot SPL gets too big boards don't
boot. Because we take the upstream libfdt this will affect U-Boot.

Do you have any thoughts on how we could avoid this size increase?

>
> >
> > >
> > > diff --git a/libfdt/fdt_ro.c b/libfdt/fdt_ro.c
> > > index 4f4ef44..347aa7b 100644
> > > --- a/libfdt/fdt_ro.c
> > > +++ b/libfdt/fdt_ro.c
> > > @@ -76,17 +76,72 @@ static int fdt_nodename_eq_(const void *fdt, int offset,
> > > return 0;
> > > }
> > >
> > > +const char *fdt_get_string(const void *fdt, int stroffset, int *lenp)
> >
> > Comment? The difference between fdt_get_string() and fdt_string() is
> > not obvious from the name.
>
> There are full banner comments in libfdt.h. Basically the only
> difference is that fdt_get_string() returns the length as well.

OK.

Regards,
Simon
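
Review bot: at the new fdt_get_string() definition in libfdt/fdt_ro.c, stroffset is a signed int, so the offset check the commit message describes needs to reject negative values as well as offsets past the end of the strings section; only the signature is visible in this quoted hunk, so that is worth confirming in the body. A one-line comment at the definition pointing to the libfdt.h banner, and stating whether lenp may be NULL and what it holds on failure, would answer the naming question raised in the thread.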
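
The two checks the commit message describes (offset inside the strings section, terminator found before the section ends), as an added example that is not libfdt's code and not part of the original thread. The function name, error codes and sample block are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical error codes for this example, not libfdt's FDT_ERR_* values. */
#define STR_ERR_BADOFFSET (-1)
#define STR_ERR_TRUNCATED (-2)
/* Constructed strings block: two terminated names, then one missing its NUL. */
static const char sample_tab[] = {
    'c','o','m','p','a','t','i','b','l','e','\0',
    'r','e','g','\0', 'b','a','d'
};

/* Returns the string at stroffset, or NULL on error. *lenp (optional) gets
 * the string length on success and a negative error code on failure. */
static const char *strtab_get_string(const char *tab, size_t tab_size,
                                     int stroffset, int *lenp)
{
    const char *s, *nul;
    int err;
    /* Reject negative offsets and offsets at or past the end of the block. */
    if (stroffset < 0 || (size_t)stroffset >= tab_size) {
        err = STR_ERR_BADOFFSET;
        goto fail;
    }
    s = tab + stroffset;
    /* Look for the terminator only in the bytes the block actually owns. */
    nul = memchr(s, '\0', tab_size - (size_t)stroffset);
    if (!nul) {
        err = STR_ERR_TRUNCATED;
        goto fail;
    }
    if (lenp)
        *lenp = (int)(nul - s);
    return s;
fail:
    if (lenp)
        *lenp = err;
    return NULL;
}

int main(void)
{
    int len, offs[] = { 0, 11, 15, 18, -1 };
    for (size_t i = 0; i < sizeof(offs) / sizeof(offs[0]); i++) {
        const char *s = strtab_get_string(sample_tab, sizeof(sample_tab), offs[i], &len);
        printf("offset %d: %s (len/err %d)\n", offs[i], s ? s : "(rejected)", len);
    }
    return 0;
}
```

An unchecked lookup at offset 15 would hand back a pointer whose string runs past the end of the block; here it is rejected as truncated.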