From 54841ab50c20d6fa6c9cc3eb826989da3a22d934 Mon Sep 17 00:00:00 2001 From: Wolfgang Denk Date: Mon, 28 Jun 2010 22:00:46 +0200 Subject: Make sure that argv[] argument pointers are not modified. The hush shell dynamically allocates (and re-allocates) memory for the argument strings in the "char *argv[]" argument vector passed to commands. Any code that modifies these pointers will cause serious corruption of the malloc data structures and crash U-Boot, so make sure the compiler can check that no such modifications are being done by changing the code into "char * const argv[]". This modification is the result of debugging a strange crash caused after adding a new command, which used the following argument processing code which has been working perfectly fine in all Unix systems since version 6 - but not so in U-Boot: int main (int argc, char **argv) { while (--argc > 0 && **++argv == '-') { /* ====> */ while (*++*argv) { switch (**argv) { case 'd': debug++; break; ... default: usage (); } } } ... } The line marked "====>" will corrupt the malloc data structures and usually cause U-Boot to crash when the next command gets executed by the shell. With the modification, the compiler will prevent this with an error: increment of read-only location '*argv' N.B.: The code above can be trivially rewritten like this: while (--argc > 0 && **++argv == '-') { char *arg = *argv; while (*++arg) { switch (*arg) { ... Signed-off-by: Wolfgang Denk Acked-by: Mike Frysinger --- examples/api/demo.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'examples/api') diff --git a/examples/api/demo.c b/examples/api/demo.c index df9c4bd..65e7491 100644 --- a/examples/api/demo.c +++ b/examples/api/demo.c @@ -41,7 +41,7 @@ void test_dump_sig(struct api_signature *); static char buf[BUF_SZ]; -int main(int argc, char *argv[]) +int main(int argc, char * const argv[]) { int rv = 0, h, i, j, devs_no; struct api_signature *sig = NULL; -- cgit v1.1