dtc: Sync with upstream version e9a77451cdd8

1c231509cf88 ("Validate integers fit in cells") is the only change
missing from our copy.

Reviewed by:	manu, imp
Differential Revision:	https://reviews.freebsd.org/D34368

2 files changed, 22 insertions, 1 deletions

diff --git a/usr.bin/dtc/fdt.cc b/usr.bin/dtc/fdt.cc
index 3c7b2a8bd9ab..bdfd495a02d2 100644
--- a/usr.bin/dtc/fdt.cc
+++ b/usr.bin/dtc/fdt.cc
@@ -335,10 +335,28 @@ property::parse_cells(text_input_buffer &input, int cell_size)
 			unsigned long long val;
 			if (!input.consume_integer_expression(val))
 			{
+				// FIXME: Distinguish invalid syntax from a
+				// number that cannot be represented in an
+				// unsigned long long.
 				input.parse_error("Expected numbers in array of cells");
 				valid = false;
 				return;
 			}
+			// FIXME: No sign information available, so cannot
+			// distinguish small negative values from large
+			// positive ones, and thus we have to conservatively
+			// permit anything that looks like a sign-extended
+			// negative integer.
+			if (cell_size < 64 && val >= (1ull << cell_size) &&
+			    (val | ((1ull << (cell_size - 1)) - 1)) !=
+			    std::numeric_limits<unsigned long long>::max())
+			{
+				std::string msg = "Value does not fit in a " +
+					std::to_string(cell_size) + "-bit cell";
+				input.parse_error(msg.c_str());
+				valid = false;
+				return;
+			}
 			switch (cell_size)
 			{
 				case 8:
diff --git a/usr.bin/dtc/input_buffer.cc b/usr.bin/dtc/input_buffer.cc
index 1f4775c8b78c..01ab483353c0 100644
--- a/usr.bin/dtc/input_buffer.cc
+++ b/usr.bin/dtc/input_buffer.cc
@@ -349,8 +349,11 @@ input_buffer::consume_integer(unsigned long long &outInt)
 		return false;
 	}
 	char *end= const_cast<char*>(&buffer[size]);
+	errno = 0;
 	outInt = strtoull(&buffer[cursor], &end, 0);
-	if (end == &buffer[cursor])
+	if (end == &buffer[cursor] ||
+	    (outInt == std::numeric_limits<unsigned long long>::max() &&
+	     errno == ERANGE))
 	{
 		return false;
 	}