libs: libfdt: Fix Fdt::header() using bad pointer
Fix a bug where a reference to the DT was erroneously obtained through
&self (instead of self) which was causing Fdt::totalsize() to return a
wrong value (probably read from the stack where &self pointed to), in
turn making Fdt::as_slice() return the wrong region of memory. This UB
seems to have consistently resulted in fdt.totalsize() == 0 i.e.
fdt.as_slice() == &[] and has gone unnoticed until now.
Avoid casting pointers with `as` in as_{mut_,}ptr().
Bug: 280425124
Test: atest MicrodroidHostTests
Change-Id: Ie31f6c6f19e756ee843d1fd2f11f106590e99395
diff --git a/libs/libfdt/src/lib.rs b/libs/libfdt/src/lib.rs
index 61b69f5..9785941 100644
--- a/libs/libfdt/src/lib.rs
+++ b/libs/libfdt/src/lib.rs
@@ -780,11 +780,11 @@
/// Return a shared pointer to the device tree.
pub fn as_ptr(&self) -> *const c_void {
- self as *const _ as *const c_void
+ self.buffer.as_ptr().cast::<_>()
}
fn as_mut_ptr(&mut self) -> *mut c_void {
- self as *mut _ as *mut c_void
+ self.buffer.as_mut_ptr().cast::<_>()
}
fn capacity(&self) -> usize {
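Review bot: The `cast::<_>()` calls in as_ptr() and as_mut_ptr() leave the target type to inference from the return type, so the turbofish documents nothing and a later signature change would silently retarget the cast. Spelling it out as `self.buffer.as_ptr().cast::<c_void>()` and `self.buffer.as_mut_ptr().cast::<c_void>()` keeps the intent on the line. The same applies to `let p = self.as_ptr().cast::<_>();` in header() in the next hunk, where `cast::<libfdt_bindgen::fdt_header>()` would stop the pointee type from being decided inside the unsafe block. as_mut_ptr() also has no doc comment; `/// Return a mutable pointer to the device tree.` would match as_ptr().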
@@ -792,8 +792,9 @@
}
fn header(&self) -> &libfdt_bindgen::fdt_header {
+ let p = self.as_ptr().cast::<_>();
// SAFETY - A valid FDT (verified by constructor) must contain a valid fdt_header.
- unsafe { &*(&self as *const _ as *const libfdt_bindgen::fdt_header) }
+ unsafe { &*p }
}
fn totalsize(&self) -> usize {
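Review bot: The SAFETY comment in header() justifies the header's contents but not the two things `&*p` requires now that p points into self.buffer: that the buffer is at least `size_of::<fdt_header>()` bytes long and that its start is aligned for fdt_header. If buffer is a byte slice (its type is declared outside this hunk), its alignment is only 1 and a reference to a misaligned header would be undefined behaviour, so the constructor needs to check alignment or the fields should be read without forming a reference. Once that is confirmed, I would extend the comment to `// SAFETY: the constructor verified that buffer holds a valid FDT, so it is long enough and aligned for fdt_header.` Since the commit message says the old bug left as_slice() empty without anyone noticing, a unit test asserting that as_slice().len() equals totalsize() for a known blob would guard this path.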