607b07554e2 removed the check on the return status of the
android_image_get_dtb_img_addr call from android_image_get_dtb_by_index,
which results in null pointer accesses shortly after when trying to
check the header of a nonexistent DTB.

Fixes: 607b07554e2 ("android: boot: move to andr_image_data structure")
Signed-off-by: Sam Day <m...@samcday.com>
---
 boot/image-android.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/boot/image-android.c b/boot/image-android.c
index 60a422dfb74a6c683b3cf9d2b19b3ad1dbd0d151..4fdf56dd1bd4ee26cd4d030532f75d8f48c0b8ee 100644
--- a/boot/image-android.c
+++ b/boot/image-android.c
@@ -696,7 +696,10 @@ bool android_image_get_dtb_by_index(ulong hdr_addr, ulong vendor_boot_img,
        ulong dtb_addr;         /* address of DTB blob with specified index  */
        u32 i;                  /* index iterator */
 
-       android_image_get_dtb_img_addr(hdr_addr, vendor_boot_img, &dtb_img_addr);
+       if (!android_image_get_dtb_img_addr(hdr_addr, vendor_boot_img,
+                                           &dtb_img_addr))
+               return false;
+
        /* Check if DTB area of boot image is in DTBO format */
        if (android_dt_check_header(dtb_img_addr)) {
                return android_dt_get_fdt_by_index(dtb_img_addr, index, addr,
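Review bot: The early `return false` added after the `android_image_get_dtb_img_addr()` call exits before `addr` is written, so the fix is only complete if callers of `android_image_get_dtb_by_index()` test the bool result before using their output variables; those callers are outside this hunk and worth checking. A one-line comment above the test would record why it must stay, e.g. `/* Image may carry no DTB; bail out before the header check reads dtb_img_addr */`. Since the regression came from silently dropping this return value, marking the helper's declaration `__must_check` (the declaration is not visible here) would let the compiler flag a repeat. The function body starts and ends outside the hunk.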

---
base-commit: a3b71cc6f5cc74d4edc5808790a3d2999ea3f7fe
change-id: 20250123-android-handle-no-dtb-ac3e49f7bec6

Best regards,
-- 
Sam Day <m...@samcday.com>

