On Tue, Dec 06, 2016 at 05:17:01PM +0100, Michal Simek wrote: > The patch is fixing: > "tools: mkimage: Check if file is regular file" > (sha1: 56c7e8015509312240b1ee15f2ff74510939a45d) > which contains two issues reported by Coverity > Unchecked return value from stat and incorrect calling sequence where > attack can happen between calling stat and fopen. > Using pair in opposite order (fopen and fstat) is fixing this issue > because fstat is using the same file descriptor (FILE *). > > Also fixing issue with: > "tools: mkimage: Add support for initialization table for Zynq and > ZynqMP" (sha1: 3b6460809c2a28360029c1c48247648fac4455c9) > where file wasn't checked that it is regular file. > > Reported-by: Coverity (CID: 154711, 154712) > Signed-off-by: Michal Simek <michal.si...@xilinx.com> > Reviewed-by: Tom Rini <tr...@konsulko.com>
Applied to u-boot/master, thanks! -- Tom
signature.asc
Description: Digital signature
_______________________________________________ U-Boot mailing list U-Boot@lists.denx.de http://lists.denx.de/mailman/listinfo/u-boot
