From 22aa21dba4085bb8d597eeeeeee9e3328af684bb Mon Sep 17 00:00:00 2001
From: Niko Mauno <niko.mauno@vaisala.com>
Date: Thu, 3 Aug 2017 09:53:24 +0300
Subject: [PATCH] splash_source: Verify FIT magic

Before reading entire FIT image, add sanity check by testing image
header against FDT_MAGIC. This should help avoid problems in situations
where FIT is not yet available from storage device, for example when
performing initial programming of device.

Cc: Anatolij Gustschin <agust@denx.de>
Acked-by: Tomas Melin <tomas.melin@vaisala.com>
---
 common/splash_source.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/common/splash_source.c b/common/splash_source.c
index a21ad62f82..e0defdebd6 100644
--- a/common/splash_source.c
+++ b/common/splash_source.c
@@ -317,6 +317,11 @@ static int splash_load_fit(struct splash_location *location, u32 bmp_load_addr)
 		return res;
 
 	img_header = (struct image_header *)bmp_load_addr;
+	if (image_get_magic(img_header) != FDT_MAGIC) {
+		printf("Could not find FDT magic\n");
+		return -EINVAL;
+	}
+
 	fit_size = fdt_totalsize(img_header);
 
 	/* Read in entire FIT */
-- 
2.39.5