[PATCH] dtc: Fix zero-length input segfault

Horst Kronstorfer hkronsto at frequentis.com
Wed Feb 8 18:22:29 EST 2012


This patch fixes a segmentation fault caused by dereferencing a NULL
pointer (pos->file aka yylloc.file) in srcpos_string when the input
length is 0 (fe 'dtc </dev/null'.) Reason: yylloc.file is initialized
with 0 and the tokenizer, which updates yylloc.file via srcpos_update
doesn't get a chance to run on zero-length input.

Signed-off-by: Horst Kronstorfer <hkronsto at frequentis.com>
---
 treesource.c |    2 ++
 1 files changed, 2 insertions(+), 0 deletions(-)

diff --git a/treesource.c b/treesource.c
index c09aafa..33eeba5 100644
--- a/treesource.c
+++ b/treesource.c
@@ -23,6 +23,7 @@
 
 extern FILE *yyin;
 extern int yyparse(void);
+extern YYLTYPE yylloc;
 
 struct boot_info *the_boot_info;
 int treesource_error;
@@ -34,6 +35,7 @@ struct boot_info *dt_from_source(const char *fname)
 
 	srcfile_push(fname);
 	yyin = current_srcfile->f;
+	yylloc.file = current_srcfile;
 
 	if (yyparse() != 0)
 		die("Unable to parse input tree\n");
-- 
1.7.7.6



More information about the devicetree-discuss mailing list