From 54841ab50c20d6fa6c9cc3eb826989da3a22d934 Mon Sep 17 00:00:00 2001 From: Wolfgang Denk Date: Mon, 28 Jun 2010 22:00:46 +0200 Subject: Make sure that argv[] argument pointers are not modified. The hush shell dynamically allocates (and re-allocates) memory for the argument strings in the "char *argv[]" argument vector passed to commands. Any code that modifies these pointers will cause serious corruption of the malloc data structures and crash U-Boot, so make sure the compiler can check that no such modifications are being done by changing the code into "char * const argv[]". This modification is the result of debugging a strange crash caused after adding a new command, which used the following argument processing code which has been working perfectly fine in all Unix systems since version 6 - but not so in U-Boot: int main (int argc, char **argv) { while (--argc > 0 && **++argv == '-') { /* ====> */ while (*++*argv) { switch (**argv) { case 'd': debug++; break; ... default: usage (); } } } ... } The line marked "====>" will corrupt the malloc data structures and usually cause U-Boot to crash when the next command gets executed by the shell. With the modification, the compiler will prevent this with an error: increment of read-only location '*argv' N.B.: The code above can be trivially rewritten like this: while (--argc > 0 && **++argv == '-') { char *arg = *argv; while (*++arg) { switch (*arg) { ... Signed-off-by: Wolfgang Denk Acked-by: Mike Frysinger --- board/amirix/ap1000/ap1000.c | 10 +++++----- board/amirix/ap1000/powerspan.c | 4 ++-- 2 files changed, 7 insertions(+), 7 deletions(-) (limited to 'board/amirix/ap1000') diff --git a/board/amirix/ap1000/ap1000.c b/board/amirix/ap1000/ap1000.c index cadfe0b..c8dd99e 100644 --- a/board/amirix/ap1000/ap1000.c +++ b/board/amirix/ap1000/ap1000.c @@ -167,7 +167,7 @@ unsigned int get_device (void) /* This function loads FPGA configurations from the SystemACE CompactFlash */ -int do_loadace (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_loadace (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { unsigned char *p = (unsigned char *) AP1000_SYSACE_REGBASE; int cfg; @@ -247,7 +247,7 @@ int do_loadace (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) * -1 if failed * */ -int do_swconfigbyte (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_swconfigbyte (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { unsigned char *sector_buffer = NULL; unsigned char input_char; @@ -311,7 +311,7 @@ int do_swconfigbyte (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) #define ONE_SECOND 1000000 -int do_pause (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_pause (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { int pause_time; unsigned int delay_time; @@ -345,7 +345,7 @@ int do_pause (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) return 0; } -int do_swreconfig (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_swreconfig (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { printf ("Triggering software reconfigure (software config byte is 0x%02x)...\n", *((unsigned char *) (SW_BYTE_SECTOR_ADDR + SW_BYTE_SECTOR_OFFSET))); @@ -365,7 +365,7 @@ int do_swreconfig (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) #define TEMP_ETHERM_BIT 0x02 #define TEMP_LTHERM_BIT 0x01 -int do_temp_sensor (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_temp_sensor (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { char cmd; int ret_val = 0; diff --git a/board/amirix/ap1000/powerspan.c b/board/amirix/ap1000/powerspan.c index 28e2bbc..55451b1 100644 --- a/board/amirix/ap1000/powerspan.c +++ b/board/amirix/ap1000/powerspan.c @@ -364,7 +364,7 @@ int EEPROMWrite (unsigned char theI2CAddress, unsigned char theValue) &theValue, I2C_WRITE); } -int do_eeprom (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_eeprom (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { char cmd; int ret_val = 0; @@ -690,7 +690,7 @@ int SetTargetImage (int theImageIndex, unsigned int theBlockSize, return 0; } -int do_bridge (cmd_tbl_t * cmdtp, int flag, int argc, char *argv[]) +int do_bridge (cmd_tbl_t * cmdtp, int flag, int argc, char * const argv[]) { char cmd; int ret_val = 1; -- cgit v1.1