Hi Romain, On Tue, 10 Feb 2026 at 09:29, Romain Gantois <[email protected]> wrote: > > The ofnode_to_fdt() function may return a NULL pointer in multiple cases. > Or, this function's return value is often passed directly to functions such > as fdt_getprop() which end up dereferencing it, thus causing a NULL pointer > exception. > > Don't allow ofnode_to_fdt() to return NULL, to avoid a NULL pointer > dereference. > > Signed-off-by: Romain Gantois <[email protected]> > --- > drivers/core/ofnode.c | 13 +++++++++---- > 1 file changed, 9 insertions(+), 4 deletions(-) > > diff --git a/drivers/core/ofnode.c b/drivers/core/ofnode.c > index cf1cf8abfbe..af24a2c533c 100644 > --- a/drivers/core/ofnode.c > +++ b/drivers/core/ofnode.c > @@ -164,15 +164,20 @@ void *ofnode_lookup_fdt(ofnode node) > > void *ofnode_to_fdt(ofnode node) > { > + void *fdt; > + > #ifdef OF_CHECKS > if (of_live_active()) > - return NULL; > + panic("%s called with live tree in use!\n", __func__); > #endif > if (CONFIG_IS_ENABLED(OFNODE_MULTI_TREE) && ofnode_valid(node)) > - return ofnode_lookup_fdt(node); > + fdt = ofnode_lookup_fdt(node); > + else > + fdt = gd->fdt_blob; > + > + assert(fdt); > > - /* Use the control FDT by default */ > - return (void *)gd->fdt_blob; > + return fdt; > } > > /** > > --- > base-commit: b99da05e1538b8fa153322da82917af2aa27e1d6 > change-id: 20260210-ofnode-to-fdt-null-95a9f357819e > > Best regards, > -- > Romain Gantois <[email protected]> >
Reviewed-by: Simon Glass <[email protected]> This seems to me to be a hole in the checking in fdt_check_node_offset_() Regards, Simon
