Merge "ANDROID: fuzz: Only check valid phandles" am: 91b7c8d942 am: ec4f0887eb am: 2b3ff5c1b6
Original change: https://android-review.googlesource.com/c/platform/external/dtc/+/2171323
Change-Id: I20f75ae2007ef8ee962a57b3cc53bc6c6761f4cf
Signed-off-by: Automerger Merge Worker <android-build-automerger-merge-worker@system.gserviceaccount.com>
diff --git a/fuzzing/libfdt_fuzzer.c b/fuzzing/libfdt_fuzzer.c
index 98e03c8..89fe3c2 100644
--- a/fuzzing/libfdt_fuzzer.c
+++ b/fuzzing/libfdt_fuzzer.c
@@ -55,6 +55,9 @@
#endif
}
+static bool phandle_is_valid(uint32_t phandle) {
+ return phandle != 0 && phandle != UINT32_MAX;
+}
static void walk_device_tree(const void *device_tree, int parent_node) {
int len = 0;
@@ -64,8 +67,9 @@
}
uint32_t phandle = fdt_get_phandle(device_tree, parent_node);
- if (phandle != 0) {
- assert(parent_node == fdt_node_offset_by_phandle(device_tree, phandle));
+ if (phandle_is_valid(phandle)) {
+ int node = fdt_node_offset_by_phandle(device_tree, phandle);
+ assert(node >= 0); // it should at least find parent_node
}
// recursively walk the node's children