On Mon, Feb 15, 2021 at 05:08:06PM -0700, Simon Glass wrote: > When searching for a node called 'fred', any unit address appended to the > name is ignored by libfdt, meaning that 'fred' can match 'fred@1'. This > means that we cannot be sure that the node originally intended is the one > that is used. > > Disallow use of nodes with unit addresses. > > Update the forge test also, since it uses @ addresses. > > CVE-2021-27138 > > Signed-off-by: Simon Glass <s...@chromium.org> > Reported-by: Bruce Monroe <bruce.mon...@intel.com> > Reported-by: Arie Haenel <arie.hae...@intel.com> > Reported-by: Julien Lenoir <julien.len...@intel.com>
Applied to u-boot/master, thanks! -- Tom
signature.asc
Description: PGP signature