In flash/nor/cfi.c:835 struct cfi_info is allocated by malloc(). As
write-mem was uninitialized the pointer pointed to an out of range
address, which led to a segmentation fault and crashed openocd.
This happened during flash-command of an external flash-bank, using
cfi.
Use calloc() instead.
While on it check for NULL return and remove unnecessary initialzation.
Change-Id: I0e2ffb90559afe7f090837023428dcc06b2e29f6
Signed-off-by: Mischa Studer <mischa.studer@csa.ch>
Reviewed-on: http://openocd.zylin.com/6070
Tested-by: jenkins
Reviewed-by: Tomas Vanek <vanekt@fbl.cz>
return ERROR_FLASH_BANK_INVALID;
}
return ERROR_FLASH_BANK_INVALID;
}
- cfi_info = malloc(sizeof(struct cfi_flash_bank));
- cfi_info->probed = false;
- cfi_info->erase_region_info = NULL;
- cfi_info->pri_ext = NULL;
+ cfi_info = calloc(1, sizeof(struct cfi_flash_bank));
+ if (cfi_info == NULL) {
+ LOG_ERROR("No memory for flash bank info");
+ return ERROR_FAIL;
+ }
bank->driver_priv = cfi_info;
bank->driver_priv = cfi_info;
- cfi_info->x16_as_x8 = false;
- cfi_info->jedec_probe = false;
- cfi_info->not_cfi = false;
- cfi_info->data_swap = false;
-
for (unsigned i = 6; i < argc; i++) {
if (strcmp(argv[i], "x16_as_x8") == 0)
cfi_info->x16_as_x8 = true;
for (unsigned i = 6; i < argc; i++) {
if (strcmp(argv[i], "x16_as_x8") == 0)
cfi_info->x16_as_x8 = true;