:: commit cf31779516b9d82a83d31647209c43d80288a3c0
lib/misc: Validate user-supplied DTB before invoking libfdt
diff --git a/common/lib/misc.c b/common/lib/misc.c
index 2c850a7b..fbc18570 100644
--- a/common/lib/misc.c
+++ b/common/lib/misc.c
@@ -145,6 +145,12 @@ void *get_device_tree_blob(const char *config, size_t extra_size) {
dtb = dtb_file->fd;
size = dtb_file->size;
fclose(dtb_file);
+
+ ret = fdt_check_full(dtb, size);
+ if (ret != 0) {
+ panic(soft_panic, "dtb: Invalid device tree blob at `%#`: '%s'", dtb_path, fdt_strerror(ret));
+ }
+
printv("dtb: loaded dtb at %p from file `%#`\n", dtb, dtb_path);
}
}
