diff options
author | Wolfgang Denk <wd@denx.de> | 2010-06-28 22:00:46 +0200 |
---|---|---|
committer | Wolfgang Denk <wd@denx.de> | 2010-07-04 23:55:42 +0200 |
commit | 54841ab50c20d6fa6c9cc3eb826989da3a22d934 (patch) | |
tree | 400f22f0a12ff0ae6c472bed6ac648befc1744a2 /common/cmd_bmp.c | |
parent | b218ccb5435e64ac2318bb8b6c9594ef1cc724cd (diff) | |
download | u-boot-imx-54841ab50c20d6fa6c9cc3eb826989da3a22d934.zip u-boot-imx-54841ab50c20d6fa6c9cc3eb826989da3a22d934.tar.gz u-boot-imx-54841ab50c20d6fa6c9cc3eb826989da3a22d934.tar.bz2 |
Make sure that argv[] argument pointers are not modified.
The hush shell dynamically allocates (and re-allocates) memory for the
argument strings in the "char *argv[]" argument vector passed to
commands. Any code that modifies these pointers will cause serious
corruption of the malloc data structures and crash U-Boot, so make
sure the compiler can check that no such modifications are being done
by changing the code into "char * const argv[]".
This modification is the result of debugging a strange crash caused
after adding a new command, which used the following argument
processing code which has been working perfectly fine in all Unix
systems since version 6 - but not so in U-Boot:
int main (int argc, char **argv)
{
while (--argc > 0 && **++argv == '-') {
/* ====> */ while (*++*argv) {
switch (**argv) {
case 'd':
debug++;
break;
...
default:
usage ();
}
}
}
...
}
The line marked "====>" will corrupt the malloc data structures and
usually cause U-Boot to crash when the next command gets executed by
the shell. With the modification, the compiler will prevent this with
an
error: increment of read-only location '*argv'
N.B.: The code above can be trivially rewritten like this:
while (--argc > 0 && **++argv == '-') {
char *arg = *argv;
while (*++arg) {
switch (*arg) {
...
Signed-off-by: Wolfgang Denk <wd@denx.de>
Acked-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'common/cmd_bmp.c')
-rw-r--r-- | common/cmd_bmp.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/common/cmd_bmp.c b/common/cmd_bmp.c index 583b009..5ec798c 100644 --- a/common/cmd_bmp.c +++ b/common/cmd_bmp.c @@ -90,7 +90,7 @@ bmp_image_t *gunzip_bmp(unsigned long addr, unsigned long *lenp) } #endif -static int do_bmp_info(cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +static int do_bmp_info(cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { ulong addr; @@ -109,7 +109,7 @@ static int do_bmp_info(cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) return (bmp_info(addr)); } -static int do_bmp_display(cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +static int do_bmp_display(cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { ulong addr; int x = 0, y = 0; @@ -149,7 +149,7 @@ static cmd_tbl_t cmd_bmp_sub[] = { * Return: None * */ -static int do_bmp(cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) +static int do_bmp(cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { cmd_tbl_t *c; |