Felix Held has submitted this change. ( https://review.coreboot.org/c/coreboot/+/62928 )
Change subject: lib/device_tree.c: zero-initialize new DT nodes
lib/device_tree.c: zero-initialize new DT nodes
Prevents bad things from happening later when these new nodes are used.
This issue is hard to observe because:
1. Heap is zero-initialized, so you need to use allocated memory filling it with non-zero values, free, allocate it again, use uninitialized.
2. Most of allocated memory is not freed.
3. Implementation of free() does something only for one last malloc'ed block, making most of freed memory unavailable for future allocation.
Change-Id: I38a7ec1949d80f7a2564fac380ce94de6056a0c7
Signed-off-by: Sergii Dmytruk sergii.dmytruk@3mdeb.com
Reviewed-on: https://review.coreboot.org/c/coreboot/+/62928
Reviewed-by: Krystian Hebel krystian.hebel@3mdeb.com
Reviewed-by: Julius Werner jwerner@chromium.org
Tested-by: build bot (Jenkins) no-reply@coreboot.org
---
M src/lib/device_tree.c
1 file changed, 1 insertion(+), 1 deletion(-)
Approvals:
  build bot (Jenkins): Verified
  Julius Werner: Looks good to me, approved
  Krystian Hebel: Looks good to me, but someone else must approve
diff --git a/src/lib/device_tree.c b/src/lib/device_tree.c index fb3ce90..b846c25 100644 --- a/src/lib/device_tree.c +++ b/src/lib/device_tree.c @@ -554,7 +554,7 @@ if (!create) return NULL;
- found = malloc(sizeof(*found)); + found = calloc(1, sizeof(*found)); if (!found) return NULL; found->name = strdup(*path);
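Review bot: the `found->name = strdup(*path);` line directly after the allocation check shows no NULL check in the visible context. Unless one follows just below the hunk, a failed strdup() leaves the freshly created node with a NULL name. Consider handling it in the same place as the `if (!found) return NULL;` check, for example `if (!found->name) { free(found); return NULL; }`. The switch to `calloc(1, sizeof(*found))` matches the commit message. A one-line comment saying that the fields not assigned here rely on being zeroed would keep a later cleanup from turning it back into malloc().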