diff mbox

[U-Boot] common: env_flags: fix loop condition when using env_flags_varaccess_mask

Message ID 1452590592-15921-1-git-send-email-van.freenix@gmail.com
State Accepted
Commit db18f548cb7b5ff99223b66eac1966eb45230817
Delegated to: Tom Rini
Headers show

Commit Message

Peng Fan Jan. 12, 2016, 9:23 a.m. UTC 
From: Peng Fan <peng.fan@nxp.com>

We should use ARRAY_SIZE, but not sizeof. The size of
env_flags_varaccess_mask is 16bytes, but we only need 4 loops.
If using 16 as the end condition, we may access memory that
not belong to array env_flags_varaccess_mask.

Signed-off-by: Peng Fan <peng.fan@nxp.com>
Cc: Joe Hershberger <joe.hershberger@ni.com>
Cc: York Sun <yorksun@freescale.com>
Cc: Simon Glass <sjg@chromium.org>
Cc: Tom Rini <trini@konsulko.com>
---
 common/env_flags.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Simon Glass Jan. 13, 2016, 8:09 p.m. UTC | #1 
On 12 January 2016 at 02:23, Peng Fan <van.freenix@gmail.com> wrote:
> From: Peng Fan <peng.fan@nxp.com>
>
> We should use ARRAY_SIZE, but not sizeof. The size of
> env_flags_varaccess_mask is 16bytes, but we only need 4 loops.
> If using 16 as the end condition, we may access memory that
> not belong to array env_flags_varaccess_mask.
>
> Signed-off-by: Peng Fan <peng.fan@nxp.com>
> Cc: Joe Hershberger <joe.hershberger@ni.com>
> Cc: York Sun <yorksun@freescale.com>
> Cc: Simon Glass <sjg@chromium.org>
> Cc: Tom Rini <trini@konsulko.com>
> ---
>  common/env_flags.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)

Reviewed-by: Simon Glass <sjg@chromium.org>
Joe Hershberger Jan. 13, 2016, 8:39 p.m. UTC | #2 
On Tue, Jan 12, 2016 at 3:23 AM, Peng Fan <van.freenix@gmail.com> wrote:
> From: Peng Fan <peng.fan@nxp.com>
>
> We should use ARRAY_SIZE, but not sizeof. The size of
> env_flags_varaccess_mask is 16bytes, but we only need 4 loops.
> If using 16 as the end condition, we may access memory that
> not belong to array env_flags_varaccess_mask.
>
> Signed-off-by: Peng Fan <peng.fan@nxp.com>
> Cc: Joe Hershberger <joe.hershberger@ni.com>
> Cc: York Sun <yorksun@freescale.com>
> Cc: Simon Glass <sjg@chromium.org>
> Cc: Tom Rini <trini@konsulko.com>
> ---

Acked-by: Joe Hershberger <joe.hershberger@ni.com>
Tom Rini Jan. 14, 2016, 1:22 p.m. UTC | #3 
On Tue, Jan 12, 2016 at 05:23:12PM +0800, Peng Fan wrote:

> From: Peng Fan <peng.fan@nxp.com>
> 
> We should use ARRAY_SIZE, but not sizeof. The size of
> env_flags_varaccess_mask is 16bytes, but we only need 4 loops.
> If using 16 as the end condition, we may access memory that
> not belong to array env_flags_varaccess_mask.
> 
> Signed-off-by: Peng Fan <peng.fan@nxp.com>
> Cc: Joe Hershberger <joe.hershberger@ni.com>
> Cc: York Sun <yorksun@freescale.com>
> Cc: Simon Glass <sjg@chromium.org>
> Cc: Tom Rini <trini@konsulko.com>
> Reviewed-by: Simon Glass <sjg@chromium.org>
> Acked-by: Joe Hershberger <joe.hershberger@ni.com>

Applied to u-boot/master, thanks!
diff mbox

Patch

diff --git a/common/env_flags.c b/common/env_flags.c
index 7719355..9c3aed1 100644
--- a/common/env_flags.c
+++ b/common/env_flags.c
@@ -152,7 +152,7 @@  enum env_flags_varaccess env_flags_parse_varaccess_from_binflags(int binflags)
 {
 	int i;
 
-	for (i = 0; i < sizeof(env_flags_varaccess_mask); i++)
+	for (i = 0; i < ARRAY_SIZE(env_flags_varaccess_mask); i++)
 		if (env_flags_varaccess_mask[i] ==
 		    (binflags & ENV_FLAGS_VARACCESS_BIN_MASK))
 			return (enum env_flags_varaccess)i;