libfdt: fix undefined behaviour in fdt_offset_ptr()

[jenswi-linaro]

Upstream commit d0b3ab0a0f46 ("libfdt: Fix undefined behaviour in
fdt_offset_ptr()").

Using pointer arithmetic to generate a pointer outside a known object is,
technically, undefined behaviour in C. Unfortunately, we were using that
in fdt_offset_ptr() to detect overflows.

To fix this we need to do our bounds / overflow checking on the offsets
before constructing pointers from them.

Fixes: #1967
Signed-off-by: Jens Wiklander jens.wiklander@linaro.org

[jforissier]

Acked-by: Jerome Forissier <jerome.forissier@linaro.org>

(small "process" question: do we want A-b/R-b tags for upstream fixes like this one? or is it enough that one core member of the team picks the patch and carries it with his S-o-b?)

[jenswi-linaro]

Good question, I was thinking more or less the same. When it's just a cherry-pick like in this case I think it would make sense to preserve the original tags. We could separate them from our tags with an empty line to show that they originate from an earlier process.

[jforissier]

Separating the tags sounds good in general, but sometimes we may want to adjust the commit log to give additional info specific to OP-TEE. It can also happen that the upstream patch doesn't apply cleanly and needs adjustments. So I think it's better to consider it as a new patch, and apply only "our" tags. It is easy enough to look up the original patch, as long as it is properly cited as you did.

Let's also keep the same rules as usual patches, i.e., wait for at least one ack or review (meaning "I agree it is OK to cherry-pick this fix now").

[jenswi-linaro]

OK
Tag applied