fix(fdt): fix OOB write in uuid parsing function
The function read_uuid() zeroes the UUID destination buffer
on error. However, it mistakenly uses the dest pointer
that has been incremented many times during the parsing,
leading to an out-of-bounds write.
To fix this, retain a pointer to the start of the buffer,
and use this when clearing it instead.
Signed-off-by: David Horstmann <david.horstmann@arm.com>
Change-Id: Iee8857be5d3f383ca2eab86cde99a43bf606f306
Please register or sign in to comment