summaryrefslogtreecommitdiff
path: root/tools/image-host.c
diff options
context:
space:
mode:
authorMichal Simek <michal.simek@xilinx.com>2016-12-06 15:38:13 (GMT)
committerMichal Simek <michal.simek@xilinx.com>2016-12-08 08:23:48 (GMT)
commit37a2cf6f1af0379c447ec4b6e321a3600492484c (patch)
tree231dc13a29a36f3a8860b0259b39cb89a486b31e /tools/image-host.c
parent8814c0385356b02bf9a55b2e8388301b85f28067 (diff)
downloadu-boot-fsl-qoriq-37a2cf6f1af0379c447ec4b6e321a3600492484c.tar.xz
tools: mkimage: Use fstat instead of stat to avoid malicious hacks
The patch is fixing: "tools: mkimage: Check if file is regular file" (sha1: 56c7e8015509312240b1ee15f2ff74510939a45d) which contains two issues reported by Coverity Unchecked return value from stat and incorrect calling sequence where attack can happen between calling stat and fopen. Using pair in opposite order (fopen and fstat) is fixing this issue because fstat is using the same file descriptor (FILE *). Also fixing issue with: "tools: mkimage: Add support for initialization table for Zynq and ZynqMP" (sha1: 3b6460809c2a28360029c1c48247648fac4455c9) where file wasn't checked that it is regular file. Reported-by: Coverity (CID: 154711, 154712) Signed-off-by: Michal Simek <michal.simek@xilinx.com> Reviewed-by: Tom Rini <trini@konsulko.com> Series-to: trini Series-cc: u-boot
Diffstat (limited to 'tools/image-host.c')
0 files changed, 0 insertions, 0 deletions