On Tue, May 02, 2023 at 04:34:09AM +0200, Heinrich Schuchardt wrote: > Invoking the sandbox with > > /u-boot -c ⧵0xef⧵0xbf⧵0xbd > > results in a segmentation fault. > > Function b_getch() retrieves a character from the input stream. This > character may be > 0x7f. If type char is signed, static_get() will > return a negative number and in parse_stream() we will use that > negative number as an index for array map[] resulting in a buffer > overflow. > > Reported-by: Harry Lockyer <harry_lock...@tutanota.com> > Signed-off-by: Heinrich Schuchardt <heinrich.schucha...@canonical.com> > Reviewed-by: Simon Glass <s...@chromium.org>
Applied to u-boot/next, thanks! -- Tom
signature.asc
Description: PGP signature