of/fdt: Check fdt_get_mem_rsv() error in early_init_fdt_scan_reserved_mem()

early_init_fdt_scan_reserved_mem() invoks fdt_get_mem_rsv(), and it will
use uninitialized variables @base and @size once the callee suffers error.

Fix by checking fdt_get_mem_rsv() error as other callers do.

Signed-off-by: Zijun Hu <quic_zijuhu@quicinc.com>
Link: https://lore.kernel.org/r/20250109-of_core_fix-v4-13-db8a72415b8c@quicinc.com
Signed-off-by: Rob Herring (Arm) <robh@kernel.org>

diff --git a/drivers/of/fdt.c b/drivers/of/fdt.c
index 4b1e9f101ce34d7212cc8de99c7e7761a2636866..c93a99d4a1e08c0d4cccf9e5ae16f7e4950ee801 100644 (file)
--- a/drivers/of/fdt.c
+++ b/drivers/of/fdt.c
@@ -497,6 +497,7 @@ static void __init fdt_reserve_elfcorehdr(void)
 void __init early_init_fdt_scan_reserved_mem(void)
 {
        int n;
+       int res;
        u64 base, size;
 
        if (!initial_boot_params)
@@ -507,7 +508,11 @@ void __init early_init_fdt_scan_reserved_mem(void)
 
        /* Process header /memreserve/ fields */
        for (n = 0; ; n++) {
-               fdt_get_mem_rsv(initial_boot_params, n, &base, &size);
+               res = fdt_get_mem_rsv(initial_boot_params, n, &base, &size);
+               if (res) {
+                       pr_err("Invalid memory reservation block index %d\n", n);
+                       break;
+               }
                if (!size)
                        break;
                memblock_reserve(base, size);