diff options
author | Wolfgang Denk <wd@denx.de> | 2010-06-28 22:00:46 +0200 |
---|---|---|
committer | Wolfgang Denk <wd@denx.de> | 2010-07-04 23:55:42 +0200 |
commit | 54841ab50c20d6fa6c9cc3eb826989da3a22d934 (patch) | |
tree | 400f22f0a12ff0ae6c472bed6ac648befc1744a2 /common/cmd_elf.c | |
parent | b218ccb5435e64ac2318bb8b6c9594ef1cc724cd (diff) | |
download | u-boot-imx-54841ab50c20d6fa6c9cc3eb826989da3a22d934.zip u-boot-imx-54841ab50c20d6fa6c9cc3eb826989da3a22d934.tar.gz u-boot-imx-54841ab50c20d6fa6c9cc3eb826989da3a22d934.tar.bz2 |
Make sure that argv[] argument pointers are not modified.
The hush shell dynamically allocates (and re-allocates) memory for the
argument strings in the "char *argv[]" argument vector passed to
commands. Any code that modifies these pointers will cause serious
corruption of the malloc data structures and crash U-Boot, so make
sure the compiler can check that no such modifications are being done
by changing the code into "char * const argv[]".
This modification is the result of debugging a strange crash caused
after adding a new command, which used the following argument
processing code which has been working perfectly fine in all Unix
systems since version 6 - but not so in U-Boot:
int main (int argc, char **argv)
{
while (--argc > 0 && **++argv == '-') {
/* ====> */ while (*++*argv) {
switch (**argv) {
case 'd':
debug++;
break;
...
default:
usage ();
}
}
}
...
}
The line marked "====>" will corrupt the malloc data structures and
usually cause U-Boot to crash when the next command gets executed by
the shell. With the modification, the compiler will prevent this with
an
error: increment of read-only location '*argv'
N.B.: The code above can be trivially rewritten like this:
while (--argc > 0 && **++argv == '-') {
char *arg = *argv;
while (*++arg) {
switch (*arg) {
...
Signed-off-by: Wolfgang Denk <wd@denx.de>
Acked-by: Mike Frysinger <vapier@gentoo.org>
Diffstat (limited to 'common/cmd_elf.c')
-rw-r--r-- | common/cmd_elf.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/common/cmd_elf.c b/common/cmd_elf.c index 63f6fe7..104d6e6 100644 --- a/common/cmd_elf.c +++ b/common/cmd_elf.c @@ -29,7 +29,8 @@ unsigned long load_elf_image (unsigned long addr); /* Allow ports to override the default behavior */ __attribute__((weak)) -unsigned long do_bootelf_exec (ulong (*entry)(int, char *[]), int argc, char *argv[]) +unsigned long do_bootelf_exec (ulong (*entry)(int, char * const[]), + int argc, char * const argv[]) { unsigned long ret; @@ -56,7 +57,7 @@ unsigned long do_bootelf_exec (ulong (*entry)(int, char *[]), int argc, char *ar /* ====================================================================== * Interpreter command to boot an arbitrary ELF image from memory. * ====================================================================== */ -int do_bootelf (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) +int do_bootelf (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { unsigned long addr; /* Address of the ELF image */ unsigned long rc; /* Return value from user code */ @@ -93,7 +94,7 @@ int do_bootelf (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) * be either an ELF image or a raw binary. Will attempt to setup the * bootline and other parameters correctly. * ====================================================================== */ -int do_bootvx (cmd_tbl_t *cmdtp, int flag, int argc, char *argv[]) +int do_bootvx (cmd_tbl_t *cmdtp, int flag, int argc, char * const argv[]) { unsigned long addr; /* Address of image */ unsigned long bootaddr; /* Address to put the bootline */ |