diff options
author | Mischa Studer <mischa.studer@csa.ch> | 2021-02-24 13:24:51 +0100 |
---|---|---|
committer | Tomas Vanek <vanekt@fbl.cz> | 2021-03-24 17:14:22 +0000 |
commit | b5889776339eb1a3106cc4639b43d9c58b573ec6 (patch) | |
tree | b5c1f95296c22d0d8b1c2baa350fc163724ed798 /src/flash/nor/cfi.c | |
parent | 6448f70e0940d051eb4847231480e4805e99966a (diff) | |
download | riscv-openocd-b5889776339eb1a3106cc4639b43d9c58b573ec6.zip riscv-openocd-b5889776339eb1a3106cc4639b43d9c58b573ec6.tar.gz riscv-openocd-b5889776339eb1a3106cc4639b43d9c58b573ec6.tar.bz2 |
flash/nor/cfi: fix uninitialized write-mem pointer
In flash/nor/cfi.c:835 struct cfi_info is allocated by malloc(). As
write-mem was uninitialized the pointer pointed to an out of range
address, which led to a segmentation fault and crashed openocd.
This happened during flash-command of an external flash-bank, using
cfi.
Use calloc() instead.
While on it check for NULL return and remove unnecessary initialzation.
Change-Id: I0e2ffb90559afe7f090837023428dcc06b2e29f6
Signed-off-by: Mischa Studer <mischa.studer@csa.ch>
Reviewed-on: http://openocd.zylin.com/6070
Tested-by: jenkins
Reviewed-by: Tomas Vanek <vanekt@fbl.cz>
Diffstat (limited to 'src/flash/nor/cfi.c')
-rw-r--r-- | src/flash/nor/cfi.c | 14 |
1 files changed, 5 insertions, 9 deletions
diff --git a/src/flash/nor/cfi.c b/src/flash/nor/cfi.c index 5f5071e..c9eb38b 100644 --- a/src/flash/nor/cfi.c +++ b/src/flash/nor/cfi.c @@ -832,17 +832,13 @@ int cfi_flash_bank_cmd(struct flash_bank *bank, unsigned int argc, const char ** return ERROR_FLASH_BANK_INVALID; } - cfi_info = malloc(sizeof(struct cfi_flash_bank)); - cfi_info->probed = false; - cfi_info->erase_region_info = NULL; - cfi_info->pri_ext = NULL; + cfi_info = calloc(1, sizeof(struct cfi_flash_bank)); + if (cfi_info == NULL) { + LOG_ERROR("No memory for flash bank info"); + return ERROR_FAIL; + } bank->driver_priv = cfi_info; - cfi_info->x16_as_x8 = false; - cfi_info->jedec_probe = false; - cfi_info->not_cfi = false; - cfi_info->data_swap = false; - for (unsigned i = 6; i < argc; i++) { if (strcmp(argv[i], "x16_as_x8") == 0) cfi_info->x16_as_x8 = true; |