On 1/23/26 4:25 PM, Tom Rini wrote:

"
diff --git a/tools/fit_image.c b/tools/fit_image.c
index 0306333141e..0c606ba4cc3 100644
--- a/tools/fit_image.c
+++ b/tools/fit_image.c
@@ -642,9 +642,15 @@ static int fit_extract_data(struct
image_tool_params *params, const char *fname)
           for (node = fdt_first_subnode(fdt, images);
                node >= 0;
                node = fdt_next_subnode(fdt, node)) {
-               const char *data;
+               const char *data, *type;
                   int len;

+               if (align_size < 8) {
+                       type = fdt_getprop(fdt, node, FIT_TYPE_PROP, &len);
+                       if (type && !strcmp(type, "flat_dt"))
+                               align_size = 8;
+               }
+
                   data = fdt_getprop(fdt, node, FIT_DATA_PROP, &len);
                   if (!data)
                           continue;
"
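Review bot: The `strcmp(type, "flat_dt")` in the added `align_size < 8` block ignores the `len` that `fdt_getprop()` has just returned, so a `type` property whose value is not NUL-terminated within `len` bytes lets the comparison read past the end of the property. Bound the comparison by the returned length, for example `len == sizeof("flat_dt") && !memcmp(type, "flat_dt", len)`, or at least check `len > 0 && type[len - 1] == '\0'` before calling `strcmp()`.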


I just ran a quick test with this diff and it seems to fix the issue for
us. If it's okay, can we take the change as is?
I think the strcmp needs to be some strncmp and check the 'len' too.

Let's see what others think.

Probably fine to keep going as-is. If there are security challenges here,
this isn't the first one, I bet.
This is unacceptable.

Adding strncmp() is trivial.
