of: fdt: fix off-by-one error in unflatten_dt_nodes()
JIRA: https://issues.redhat.com/browse/RHEL-35465
CVE: CVE-2022-48672
https://brewweb.engineering.redhat.com/brew/taskinfo?taskID=61172807
Tested: Did sanity boot testing using nvidia-jetson-agx-orin-11 system.
commit 2f945a792f67815abca26fa8a5e863ccf3fa1181
Author: Sergey Shtylyov s.shtylyov@omp.ru
Date: Sat Aug 13 23:34:16 2022 +0300
of: fdt: fix off-by-one error in unflatten_dt_nodes()
Commit 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree")
forgot to fix up the depth check in the loop body in unflatten_dt_nodes()
which makes it possible to overflow the nps[] buffer...
Found by Linux Verification Center (linuxtesting.org) with the SVACE static
analysis tool.
Fixes: 78c44d910d3e ("drivers/of: Fix depth when unflattening devicetree")
Signed-off-by: Sergey Shtylyov <s.shtylyov@omp.ru>
Signed-off-by: Rob Herring <robh@kernel.org>
Link: https://lore.kernel.org/r/7c354554-006f-6b31-c195-cdfe4caee392@omp.ru
Signed-off-by: Steve Best sbest@redhat.com