The libfdt functions are supposed to behave tolerably well when practical,
even if given a corrupted device tree as input. A silly mistake in
fdt_get_property() means we're bounds checking against the size of a pointer
instead of the size of a property header, meaning we can get bogus
behaviour in a corrupted device tree where the structure block ends in
what's supposed to be the middle of a property.
This patch corrects the problem (fdt_get_property() will now return
BADSTRUCTURE in this case), and also adds a testcase to catch the bug.
fdt_property_offset() is the only function in the library returning a
direct offset to a property, and no function takes such an offset
(they only take offsets to nodes, not properties). Furthermore the
only client uses for this function I can think of involve immediately
translating the offset into a pointer, effectively duplicating the
internal function _fdt_getprop()
This function abolishes fdt_property_offset(), replacing it with
fdt_get_property(), a renamed and now externally visible version of
_fdt_getprop().