Patchwork [U-Boot,FIX] env_nand: zero-initialize variable nand_erase_options

Submitter Daniel Hobi
Date May 18, 2011, 1:21 p.m.
Message ID <1305724868-3827-1-git-send-email-daniel.hobi@schmid-telecom.ch>
Permalink /patch/96170/
State Accepted
Commit 3b250ffb4113fe521a71c0a8b30340cf237c2508

Comments

Daniel Hobi - May 18, 2011, 1:21 p.m.
Commit 30486322 (nand erase: .spread, .part, .chip subcommands)
added a new field to struct nand_erase_options, but forgot to
update common/env_nand.c.

Depending on the stack state and bad block distribution, saveenv()
can thus erase more than CONFIG_ENV_RANGE bytes which may corrupt
the following NAND sectors/partitions.

Signed-off-by: Daniel Hobi <daniel.hobi@schmid-telecom.ch>
---
 common/env_nand.c |    8 ++------
 1 files changed, 2 insertions(+), 6 deletions(-)

Scott Wood - May 18, 2011, 9:09 p.m.
On Wed, May 18, 2011 at 03:21:08PM +0200, Daniel Hobi wrote:
> Commit 30486322 (nand erase: .spread, .part, .chip subcommands)
> added a new field to struct nand_erase_options, but forgot to
> update common/env_nand.c.
> 
> Depending on the stack state and bad block distribution, saveenv()
> can thus erase more than CONFIG_ENV_RANGE bytes which may corrupt
> the following NAND sectors/partitions.
> 
> Signed-off-by: Daniel Hobi <daniel.hobi@schmid-telecom.ch>
> ---
>  common/env_nand.c |    8 ++------
>  1 files changed, 2 insertions(+), 6 deletions(-)

Applied to u-boot-nand-flash

-Scott

Patch

diff --git a/common/env_nand.c b/common/env_nand.c
index 980425a..14446a6 100644
--- a/common/env_nand.c
+++ b/common/env_nand.c
@@ -193,10 +193,8 @@  int saveenv(void)
 	int	ret = 0;
 	nand_erase_options_t nand_erase_options;
 
+	memset(&nand_erase_options, 0, sizeof(nand_erase_options));
 	nand_erase_options.length = CONFIG_ENV_RANGE;
-	nand_erase_options.quiet = 0;
-	nand_erase_options.jffs2 = 0;
-	nand_erase_options.scrub = 0;
 
 	if (CONFIG_ENV_RANGE < CONFIG_ENV_SIZE)
 		return 1;
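Review bot: In this first saveenv(), the lines after the new memset() assign only .length, while the second variant also sets .offset = CONFIG_ENV_OFFSET at the same point. With the struct zeroed, a missing .offset assignment would now mean an erase starting at offset 0 instead of at an arbitrary stack value, so please confirm that .offset is set later in this function before the erase call, and note that in a short comment next to the memset().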
@@ -249,10 +247,8 @@  int saveenv(void)
 	char	*res;
 	nand_erase_options_t nand_erase_options;
 
+	memset(&nand_erase_options, 0, sizeof(nand_erase_options));
 	nand_erase_options.length = CONFIG_ENV_RANGE;
-	nand_erase_options.quiet = 0;
-	nand_erase_options.jffs2 = 0;
-	nand_erase_options.scrub = 0;
 	nand_erase_options.offset = CONFIG_ENV_OFFSET;
 
 	if (CONFIG_ENV_RANGE < CONFIG_ENV_SIZE)
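Review bot: The memset() at the top of this saveenv() carries no comment saying why the whole struct is cleared rather than each field being assigned. The commit message gives the reason (a field added to struct nand_erase_options was never initialized here), so a one-line comment stating that every option not set explicitly must default to zero would keep a later cleanup from going back to per-field assignments. The commit message could also name the field that was missed, since the diff only shows quiet, jffs2 and scrub being dropped.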