lib: fix __fdt_parse_region()

If fdt_getprop() returns NULL, this indicates an error. In this case lenp
is set to an error code. But even if lenp = 0 we should not continue.

If fdt_getprop() returns a wider value than we expect this is a separate
error condition.

In both cases the device-tree is invalid.

Addresses-Coverity-ID: 1529703 ("Dereference after null check")
Signed-off-by: Heinrich Schuchardt <heinrich.schuchardt@canonical.com>
Reviewed-by: Xiang W <wxjstz@126.com>
Reviewed-by: Anup Patel <anup@brainfault.org>

lib/utils/fdt/fdt_domain.c

@@ -246,7 +246,7 @@ static int __fdt_parse_region(void *fdt, int domain_offset,
 
 	/* Read "base" DT property */
 	val = fdt_getprop(fdt, region_offset, "base", &len);
-	if (!val && len >= 8)
+	if (!val || len != 8)
 		return SBI_EINVAL;
 	val64 = fdt32_to_cpu(val[0]);
 	val64 = (val64 << 32) | fdt32_to_cpu(val[1]);
@@ -254,7 +254,7 @@ static int __fdt_parse_region(void *fdt, int domain_offset,
 
 	/* Read "order" DT property */
 	val = fdt_getprop(fdt, region_offset, "order", &len);
-	if (!val && len >= 4)
+	if (!val || len != 4)
 		return SBI_EINVAL;
 	val32 = fdt32_to_cpu(*val);
 	if (val32 < 3 || __riscv_xlen < val32)