
Hi Wolfgang,
On 18 October 2013 07:55, Wolfgang Denk wd@denx.de wrote:
In message 525F8284.4000304@caviumnetworks.com you wrote:
Some of the checks in fdt_offset_ptr also look useless, such as if ((offset + len) < offset) which will always be false, or if (p + len < p)
What happens if the "offset" or "p" point to addresses close to the upper end of the address space, and adding "len" makes it wrap around?
I'm not sure how particular U-Boot is about this, but the C standard doesn't specify what to do in the situation of signed overflow, so it's possible that these checks could be simply optimised away. The portable way to write it (I believe) is: if (INT_MAX - len < offset). I don't know what GCC does in this situation specifically though.
Regards, Andre
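As an added illustration of the point under discussion (this is example code, not code from the thread or from U-Boot's fdt_offset_ptr), the wrap-around check in its signed-overflow form sits next to the INT_MAX form Andre suggests, and the pointer case is checked against a known blob end instead of forming p + len. The helper names and the assumption that offset and len are non-negative ints are mine.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>

/* The check as quoted in the thread. offset + len is a signed addition,
 * so on overflow the behaviour is undefined and a compiler may treat the
 * comparison as always false and drop it. Kept only for comparison. */
static bool wraps_ub(int offset, int len)
{
    return (offset + len) < offset;
}

/* Portable form from the thread: decide whether offset + len would
 * exceed INT_MAX without ever performing the overflowing addition.
 * Assumes the caller intends offset >= 0 and len >= 0; negative
 * values are rejected as out of range rather than reasoned about. */
static bool wraps_portable(int offset, int len)
{
    if (offset < 0 || len < 0)
        return true;
    return INT_MAX - len < offset;
}

/* Hypothetical bounds check for a blob of known size: the range
 * [offset, offset + len) is usable only if it does not wrap and ends
 * within totalsize. The addition is safe once wraps_portable is false. */
static bool range_in_blob(int offset, int len, int totalsize)
{
    if (wraps_portable(offset, len))
        return false;
    return offset + len <= totalsize;
}

/* Pointer variant for the "p + len < p" case. Pointer arithmetic that
 * leaves the object is undefined too, so compare len against the space
 * actually left before end instead of computing p + len first. */
static bool ptr_range_ok(const char *p, size_t len, const char *end)
{
    return p <= end && len <= (size_t)(end - p);
}
```

wraps_ub is deliberately not exercised below, since its result on overflowing inputs is not defined.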